| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
ticket: 7377
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use a global dump (the default dump file) for full syncs for iprop.
When a slave asks for a fullsync we kprop the existing global dump to it
if that is good enough, else we dump the DB and send the new global
dump.
Before this change kadmind would run kdb5_util dump -i... each time a
slave asked for a full dump. This was done in a sub-process,
thankfully, but it was still a waste of time and storage (e.g., if one
has a huge KDB).
Also, long dump times might cause a slave to give up (the timeout for
this is now configurable). But since iprop dumps bear a serial number
and timestamp and since slaves will resync from that point forward, it
doesn't matter if the dump we send a slave is fresh as long as it is
fresh enough (i.e., that its sno and timestamp are in the ulog).
Also:
- Rename dumps into place instead of unlink, create, write (but we
still keep the dump ok files as lock files and as a method of
signaling to kprop that the dump is complete).
ticket: 7371
|
| |
|
|
|
|
|
| |
Add additional debug output and syslogs. Remove "kpropd:" from
syslogs. Always call openlog(). Clean up C style of a few messages.
[ghudson@mit.edu: split and combine commits; commit message]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Make kpropd in iprop mode fork a child to listen for kprops from the
master. The child writes progress and outcome reports to the parent
for each kprop. This fixes a race between asking for a full resync
and setting up a listener socket for it.
- Add runonce (-t) for kpropd do_standalone() too.
- Add a new iprop parameter: iprop_resync_timeout. kpropd will keep
asking for incremental updates while waiting for a full resync to
finish, and will re-request a full resync if kadmind continues to
indicate that one is needed after this timeout passes since the
previous full resync was requested.
- Allow polling intervals less than 10 seconds.
[ghudson@mit.edu: split out debug output changes; note polling interval
change in commit message]
ticket: 7373
|
| |
|
|
|
|
|
|
|
|
|
| |
util/cstyle-file.py checks a file for C style issues and displays
line-by-line output. It is not terribly sophisticated, and can
probably be improved upon (e.g. by doing an emacs batch-reindent of
the file and checking for differences in indentation).
util/cstyle.py produces diffs using git, runs the file checker on each
modified C source file in each diff, and displays the output lines
attribute to the diff.
|
| |
|
|
|
|
|
|
|
|
|
| |
RFC 6680 requires that gss_export_name_composite begin the output
token with 04 02. So we must produce a composite token even if the
name has no authdata, and be able to consume a composite token with no
authdata attributes.
[ghudson@mit.edu: expanded commit message]
ticket: 7400 (new)
|
| |
|
|
|
|
|
|
|
|
| |
An interposer mech needs to be able to handle multiple mechanisms.
When importing a mech token for a name, cred, or context, the
interposer mech needs to know the mech type of the token being
imported. To make this work, add SPI calls which accept a mech type
argument.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
| |
Wherever a GSSAPI mechglue function accepts a mech OID from the
caller, use gssint_select_mech_type() to choose the mechanism to use.
Wherever a mechglue function outputs a mech OID to the caller, use
gssint_get_public_oid() or gssint_make_public_oid_set() to expose the
public mech OID.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
| |
Add gssint_select_mechanism() to determine what mechanism to use for a
caller-specified OID, gssint_get_public_oid() to determine what
mechanism to expose to the caller, and gssint_make_public_oid_set to
translate an array of mech OIDs into a set of public OIDs. In
gssint_get_mechanism(), match interposed OIDs as well as real ones.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Extend the syntax of the gss mech config file to allow a module type
delimited by triangle brackets. If the module type is "interposer",
flag the mechanism entry as being an interposer mechanism. A module
marked as an interposer is loaded immediately (so it can interpose a
built-in mechanism) and produces a list of OIDs to interpose.
Interposer mechanisms are not exposed to applications.
[ghudson@mit.edu: Stylistic changes, commit squashing, commit
message]
|
| |
|
|
|
|
|
|
|
|
| |
Changes in r25660 inadvertently failed to insert TGS-REPs into the
lookaside cache. Call finish_dispatch_cache() at the end of
dispatch() to handle this case.
ticket: 7388 (new)
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
Executables and shared libraries should have a file version, so
that the upgrade process works as expected.
ticket: 7386 (new)
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
|
|
|
|
|
| |
Actually expand the OUTPRE variable instead of just using a literal
string.
ticket: 7387 (new)
subject: Windows build leaves (OUTPRE)/krb5ccNN.res in ccapi/lib/win/srctmp
tags: pullup
target_version: 1.10.4
|
| |
|
|
|
| |
FILES is unused in util/{ss,et}/Makefile.in; some other unused
variables were nearby.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It has been unloved and broken repeatedly for many years, requiring
updating of several variables whenever new directories are added
and similar tedia. It was originally intended to avoid the need
for Unix utilities on Windows, but Microsoft provides the Utilities
and SDK for UNIX-based Applications which is enough rope to do a
native build.
Leave behind a warning message to anyone who does try to build the
target.
Clean up some now-unused infrastructure in the build system.
ticket: 7367 (new)
|
| |
|
|
|
|
| |
NT is long-gone; we don't need to keep a special-case error message
around telling people not to use it.
Clean out the unneeded code from the Makefile.in
|
| |
|
|
|
|
|
| |
It's been a long time since systems were limited to 8.3 format
for file names. No one should be thinking to try and build this
target, and if they do, we don't need a custom error message anymore.
Clean out the unneeded code from the Makefile.in.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Note that windows/wshelper/* was removed from the list, as it doesn't
exist.
The kerbsrc.zip target is slated for removal, but attempt to make it
more correct before removing it should it need to be revived.
Submitted by: Blaine Elzey blaine.elzey at alcatel-lucent.com
ticket: 7364 (new)
|
| |
|
|
|
|
| |
windows/leashdll/include contains only a krb4 directory.
We have a dubious need for the latter through AFSroutines.c,
but the former can be eliminated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The build instructions have changed somewhat, as have the requirements
for a build environment.
The default behavior for KRB5_CONFIG and KRB5CCNAME has also changed.
Attempt to remove mention of overly specific Windows versions that
are now quite old when the behavior persists in newer versions of Windows.
Document the usage of DNS by default and the reduced need for a large
krb5.ini file.
Talk a little more about the LSA cache.
The kerbsrc.win target is no longer supported.
ticket: 7363 (new)
target_version: 1.10.4
tags: pullup
|
| |
|
|
|
|
|
| |
Unlike most GSS test programs, t_s4u2proxy_krb5 uses a cleanup
handler, so we have to be careful to initialize everything we clean
up--particularly service2_name, which is initialized after a possible
goto. Also, remember to release acceptor_name.
|
| | |
|
| |
|
|
|
| |
krb5_rc_resolve_full, krb5_rc_resolve_get_name, and
krb5_rc_resolve_get_type are also now used in the krb5 mech.
|
| |
|
|
|
|
| |
krb5_rc_recover_or_initialize is not a public function, but is now
used by the krb5 mechanism when importing a credential. Mark it as
PRIVATE GSSAPI in the export list.
|
| |
|
|
|
|
|
|
|
|
| |
It might have been safe to access the krb5 verifier cred without a
lock before constrained delegation, but it is less likely to be safe
now that we might access both the initiator and acceptor parts of the
cred. Hold a lock on the cred for the full accept_sec_context
operation.
ticket: 7366 (new)
|
| |
|
|
|
|
|
|
|
| |
If the verifier cred handle is of type GSS_C_BOTH, we need to resolve
the initiator part of it in order to create a s4u2proxy delegated
credential handle. (If it's of type GSS_C_ACCEPT, kg_resolve_cred
won't do anything beyond locking and validating the credential.)
ticket: 7356
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The NSIS installer appears to have only ever existed as a 32-bit
software. As such, unconditionally check the 32-bit registry tree
for an uninstall string; the architecture of the current package
being installed is not relevant to what was previously installed.
ticket: 7362 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| |
|
|
| |
Use helper functions to shorten and clarify loadConfigFile.
|
| |
|
|
|
|
|
| |
Get rid of gssint_get_mechanisms, gssint_mech_to_oid, and
gssint_oid_to_mech, which constructed a list of mechanism names and
mapped between mech names and OIDs. These functions were only used by
gss_inquire_mechs_for_name, which now uses gss_indicate_mechs instead.
|
| |
|
|
|
|
|
|
|
| |
Use gss_indicate_mechs instead of gssint_get_mechanisms and
gssint_mech_to_oid to iterate over the list of mechanism OIDs. Use a
static helper to determine whether a mech supports a name type,
avoiding most of the work done in the for loop. Use a cleanup
handler. Don't leave partial results in the output parameter on
error.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Failure handling during the postprocessing of
mech->gss_accept_sec_context was inconsistent. In one case we delete
the output token but leave the partly-constructed context present in
*context_handle (violating RFC 2744 if this is the first call); in
other cases we leave the output token in the caller's buffer but do
destroy the partly-constructed context. Make this more consistent by
always destroying the output token and partly-constructed context.
(RFC 2744 prefers, but does not require, leaving the
partly-constructed context present on error if it was present on
entry. At the moment we are ignoring that preference.)
[ghudson@mit.edu: Rewrote commit message with more details]
|
| |
|
|
|
|
| |
Declarations of gss_OID_desc mech_krb5, etc. in tests/gssapi/common.h
can result in multiple definitions when the test programs are linked.
Prefix the declarations with "extern" to prevent this.
|
| |
|
|
|
| |
This function wasn't used anywhere. Also remove the declaration for
osa_adb_close_policy(), which doesn't exist.
|
| |
|
|
|
|
|
|
| |
Factor out some common functions used by multiple test programs. Use
a common argument format for importing names (p:princname,
h:hostbasedname, or u:username) and adjust the Python tests to match
it. Use more consistent conventions in test programs and fix some
coding style issues. Normalize how the test programs are built.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This installer option determines whether the -autoinit argument
is passed to the MIT Kerberos executable.
On startup, if this argument is passed, and if there are no tickets
in the default cache, and if no useful tickets can be imported from
the LSA cache, MIT Kerberos will open the get ticket dialog and prompt
for a password; this option does not appear to have any other effect.
ticket: 7357 (new)
queue: kfw
target_version: 1.10.4
tags: pullup
|
| | |
|
| |
|
|
|
|
| |
Test the fix for https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
Also test that krb5kdc can return svc unavailable
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The lock inconsistency fixed here is quite possibly the same as
described in https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
The problem is that ctx_unlock() fails to unlock the principal DB if
it fails to unlock the policy DB, and this happens when ctx_lock()
fails to lock the policy DB (likely because the caller is racing
against a kdb5_util load, which will be using a "permanent" lock,
meaning that the lock file will be unlinked after acquiring the
lock). The fix is to perform both unlock operations *then* handle
any errors that either or both might have returned.
Additionally, we don't really need or want to use non-blocking locks,
and we certainly don't want to sleep(1) in krb5kdc (possibly several
times, as there was a loop over this) when either of the principal or
policy DB is locked. Some callers still request non-blocking locks,
and ctx_lock() still honors this.
ticket: 7360 (new)
|
| |
|
|
|
|
|
|
|
|
| |
We don't really need or want to use non-blocking locks, and we certainly
don't want to sleep(1) in krb5kdc (possibly several times, as there was
a loop over this) when either of the principal or policy DB is locked.
Some callers still request non-blocking locks, and ctx_lock() still
honors this.
ticket: 7359 (new)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The KDC should not return KRB5KRB_ERR_GENERIC (KRB_ERR_GENERIC) when the
KDB plugin returns KRB5_KDB_CANTLOCK_DB: it should return
KRB5KDC_ERR_SVC_UNAVAILABLE (KDC_ERR_SVC_UNAVAILABLE) instead. This
allows clients to immediately fallback onto other KDCs.
When we switch to using blocking locks in the db2 KDB backend we'll very
rarely hit this code path, perhaps only when racing against a kdb5_util load.
Other KDB backends might still return KRB5_KDB_CANTLOCK_DB often enough that
this change is desirable.
ticket: 7358 (new)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Revision fcdd2de1 added the K5_KEY_GSS_KRB5_ERROR_MESSAGE key, and
registered it in the gssapi library initialization routine, but
did not unregister it in the libary finalization routine.
When the library is unloaded and reloaded in the same process,
this leads to an assertion failure, since we check that
destructors_set[keynum] is zero (no destructor set) when registering
a key in util/support/threads.c.
Unregister the key on library cleanup to resolve the error.
ticket: 7353
target_version: 1.10.4
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
In the MSLSA cache, if we get back a zero-length ticket, don't
accept it as success; continue on to try and get an acceptable
ticket.
ticket: 7349 (new)
subject: SapGUI sometimes crashes on new session with MSLSA cache
target_version: 1.10.4
tags: pullup
|
| | |
|
| |
|
|
| |
ticket: 7354
|
| |
|
|
| |
ticket: 7354
|
| |
|
|
|
|
|
| |
Using the new internal JSON support to implement serialization and
unserialization of krb5 GSS credentials.
ticket: 7354
|
| |
|
|
|
|
|
|
| |
Add gss_export_cred and gss_import_cred mechglue functions to
serialize and unserialize GSSAPI credential handles. Mechanism
implementations and tests will follow.
ticket: 7354 (new)
|
