summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* "Coding practices" related fixesZhanna Tsitkov2009-01-272-594/+582
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21808 dc483132-0cff-0310-8789-dd5450dbe970
* In asn1_decode_pa_for_user(), ensure that user member is allocatedLuke Howard2009-01-261-0/+1
| | | | | | before assigning a value to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21805 dc483132-0cff-0310-8789-dd5450dbe970
* Introduced new static function prep_reprocess_req to make code more readableZhanna Tsitkov2009-01-261-103/+116
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21801 dc483132-0cff-0310-8789-dd5450dbe970
* gss_header|trailerlen should be unsigned intSam Hartman2009-01-261-9/+9
| | | | | | | | | The krb5_c_crypto_length API returns unsigned int per its design. so, use unsigned int not size_t for its output. ticket: 6351 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21799 dc483132-0cff-0310-8789-dd5450dbe970
* Use 16/32-bit big/little-endian store functions in more placesKen Raeburn2009-01-2621-148/+60
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21796 dc483132-0cff-0310-8789-dd5450dbe970
* Check asprintf return codes. StylingZhanna Tsitkov2009-01-262-589/+617
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21795 dc483132-0cff-0310-8789-dd5450dbe970
* Use a struct in_addr to insure alignment of address - instead ofEzra Peisach2009-01-251-3/+3
| | | | | | | | | | random alignment on the stack. Solaris 2.10 has issues if the address is not aligned. The rest of the code in the tree uses a struct in_addr or mallocs the address - which will be sufficiently aligned. ticket: 6308 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21794 dc483132-0cff-0310-8789-dd5450dbe970
* Change 16/32/64-bit big-/little-endian/native unaligned load/storeKen Raeburn2009-01-243-19/+31
| | | | | | | | routines to take void pointers, so they can operate on both plain and unsigned char buffers, or other types. Remove some now-unneeded casts. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21793 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the need for the domain_realm mapping table on the client side by ↵Zhanna Tsitkov2009-01-2311-37/+417
| | | | | | implementing minimal referral support in the KDC git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21792 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some null checks in cases where pointers can't be nullGreg Hudson2009-01-233-10/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21790 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_pac_get_buffer, check the correct value for null after callingGreg Hudson2009-01-231-1/+1
| | | | | | malloc. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21789 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_pac_parse, change the code around a bit to avoid harmlesslyGreg Hudson2009-01-231-7/+8
| | | | | | copying an uninitialized Buffers field of a PACTYPE structure. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21788 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize ds.magic in k5_md5_hmac_hash, to avoid harmlessly copyingGreg Hudson2009-01-231-0/+1
| | | | | | around its uninitialized value in krb5_hmac. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21787 dc483132-0cff-0310-8789-dd5450dbe970
* hash db2 code breaks if st_blksize > 64kKen Raeburn2009-01-231-0/+2
| | | | | | | | | | | | | | | | | | | | | The hash db code assumes in places that the block size is no larger than 64K. There's a range check in the case where you don't have a file but provide initialization info. The btree code will cap the block size used at 64K. Apparently Sun's ZFS can report back a block size of 128K, causing the db2 tests to fail. Add such a cap to the hash db creation code. Note that our default configuration is to use the btree code when creating a new database, so it's unlikely that this will cause real-world problems unless someone went out of their way to specify use of the hash format. ticket: 6342 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21786 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_get_init_creds, null out err_reply in a case where we free itGreg Hudson2009-01-231-0/+1
| | | | | | and do not necessarily exit the loop. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21785 dc483132-0cff-0310-8789-dd5450dbe970
* Always initialize the output parameter in krb5_parse_name and friendsGreg Hudson2009-01-231-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21784 dc483132-0cff-0310-8789-dd5450dbe970
* In kadmin, free the correct item in an error case (fixes a double-freeGreg Hudson2009-01-231-1/+1
| | | | | | and a memory leak). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21783 dc483132-0cff-0310-8789-dd5450dbe970
* Add some output parameter initializations n order to eliminate someGreg Hudson2009-01-235-2/+13
| | | | | | spurious Coverity defects. (Far from a comprehensive pass.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21782 dc483132-0cff-0310-8789-dd5450dbe970
* Per coding standards, don't declare variables in inner scopes in newGreg Hudson2009-01-232-10/+6
| | | | | | | rcache code except when it really makes sense (option processing for t_replay). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21781 dc483132-0cff-0310-8789-dd5450dbe970
* Include cksumtypes.h from aead.h to get struct krb5_cksumtypes (movedKen Raeburn2009-01-239-23/+33
| | | | | | | | in rev 21753). Protect cksumtypes.h from multiple inclusions. Update dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21780 dc483132-0cff-0310-8789-dd5450dbe970
* fix trailing whitespaceTom Yu2009-01-2218-47/+42
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21779 dc483132-0cff-0310-8789-dd5450dbe970
* whitespaceTom Yu2009-01-2247-1772/+1772
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21778 dc483132-0cff-0310-8789-dd5450dbe970
* Adapted patch from Apple: in kadmind's process_chpw_request, make sureGreg Hudson2009-01-221-2/+7
| | | | | | | | | to free error message strings. ticket: 6284 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21776 dc483132-0cff-0310-8789-dd5450dbe970
* If USE_VALGRIND, check that source principal is defined before copying.Ken Raeburn2009-01-221-0/+8
| | | | | | Initialize magic number fields of allocated name components. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21775 dc483132-0cff-0310-8789-dd5450dbe970
* If USE_VALGRIND, check readability of byte string before copyingKen Raeburn2009-01-221-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21774 dc483132-0cff-0310-8789-dd5450dbe970
* Define valgrind macros as no-ops if not USE_VALGRIND, and use ↵Ken Raeburn2009-01-221-26/+3
| | | | | | unconditionally, per Danilo's suggestion git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21773 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Love: when opening an existing replay cache, check moreGreg Hudson2009-01-211-14/+40
| | | | | | thoroughly to prevent symlink attacks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21770 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Luke: fix error return of krb5_gss_use_kdc_contextGreg Hudson2009-01-211-1/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21768 dc483132-0cff-0310-8789-dd5450dbe970
* When encoding, and compiling with -DUSE_VALGRIND, explicitly get valgrind to ↵Ken Raeburn2009-01-201-0/+61
| | | | | | check the inputs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21766 dc483132-0cff-0310-8789-dd5450dbe970
* delete trailing whitespace, including insanely long 'blank' linesKen Raeburn2009-01-201-64/+62
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21764 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_rd_rep_dce, initialize repl to NULL to avoid using itsGreg Hudson2009-01-201-1/+1
| | | | | | initialized value when we take the first goto to clean_scratch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21763 dc483132-0cff-0310-8789-dd5450dbe970
* If buffer length is 0, force pointer to NULL, to keep valgrind happier when ↵Ken Raeburn2009-01-171-2/+4
| | | | | | callers don't bother git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21762 dc483132-0cff-0310-8789-dd5450dbe970
* patch from Luke - minor cleanupKen Raeburn2009-01-173-10/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21761 dc483132-0cff-0310-8789-dd5450dbe970
* patch from Luke - fix enctype-nego enctype list setupKen Raeburn2009-01-171-16/+8
| | | | | | ticket: 6336 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21760 dc483132-0cff-0310-8789-dd5450dbe970
* patch from Luke - fix sign problemKen Raeburn2009-01-171-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21759 dc483132-0cff-0310-8789-dd5450dbe970
* include dependencies for decoder testKen Raeburn2009-01-162-1/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21758 dc483132-0cff-0310-8789-dd5450dbe970
* Use valgrind in more cases if VALGRIND is setKen Raeburn2009-01-165-12/+96
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21754 dc483132-0cff-0310-8789-dd5450dbe970
* Make enctype and checksumtype name mapping table types private to theKen Raeburn2009-01-157-187/+120
| | | | | | | | crypto library. Add a field for aliases to the record type so that aliases don't have to be implemented by duplicating all the other information. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21753 dc483132-0cff-0310-8789-dd5450dbe970
* Fix an additional multiple-write case noted by John, where sendauthKen Raeburn2009-01-153-23/+53
| | | | | | | | | | | | calls write_message twice in a row. Add new function krb5int_write_messages, calls krb5_net_writev with multiple messages (currently only two at a time). Use it from krb5_write_message and krb5_sendauth. ticket: 6339 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21752 dc483132-0cff-0310-8789-dd5450dbe970
* Rework the replay cache extensions to make the hash extension recordsGreg Hudson2009-01-152-60/+224
| | | | | | | | | | | | stand alone. Otherwise, reordering of records during an expunge could cause the hash to be applied to the wrong record. Also add an "expunge" option to the t_replay program, and clean up some memory-handling inconsistencies. ticket: 1201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21751 dc483132-0cff-0310-8789-dd5450dbe970
* updateKen Raeburn2009-01-151-0/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21750 dc483132-0cff-0310-8789-dd5450dbe970
* Add new routine krb5int_net_writev using scatter-gather source.Ken Raeburn2009-01-154-24/+49
| | | | | | | | | Use it from krb5_net_write to ensure testing and reduce duplication. Use it from krb5_write_message to avoid Nagle+DelayedAck problem. ticket: 6339 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21749 dc483132-0cff-0310-8789-dd5450dbe970
* If we have a local UDP socket without the PKTINFO option set, it'sKen Raeburn2009-01-141-0/+11
| | | | | | | | | bound to a local address, so use getsockname to extract the local (destination) address. ticket: 6335 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21748 dc483132-0cff-0310-8789-dd5450dbe970
* If recv_from_to is passed a buffer for the local endpoint address,Ken Raeburn2009-01-142-2/+19
| | | | | | | clobber it before doing anything else, just in case we can't retrieve the address and the caller blindly uses the buffer anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21747 dc483132-0cff-0310-8789-dd5450dbe970
* Merge some very simple points of divergence in the two copies of network.c ↵Ken Raeburn2009-01-142-27/+18
| | | | | | | | -- enum ordering, whitespace, duplicate macro definitions, unused code, 0 vs NULL... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21746 dc483132-0cff-0310-8789-dd5450dbe970
* Pass s4u name and c_flags to log_tgs_req. If values are supplied, logKen Raeburn2009-01-143-5/+23
| | | | | | | | an additional message to record the name and s4u mode. Untested for lack of code to invoke these code paths. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21745 dc483132-0cff-0310-8789-dd5450dbe970
* Force tickets acquired by the kadm5 client library via passwordRuss Allbery2009-01-141-1/+5
| | | | | | | | | | | | | | | authentication to be non-forwardable and non-proxiable, overridding any [libdefaults] configuration. This may be necessary at sites that set forwardable to true by default in their krb5.conf files but disable forwardable tickets for privileged principals. Since the ticket cache acquired by the kadm5 client library is used only for kadmin operations, where forwardable is not useful or necessary, there is no reason to ever attempt to obtain forwardable or proxiable tickets here. Ticket: 6337 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21744 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Luke Howard to:Sam Hartman2009-01-1310-62/+198
| | | | | | | | | | * Accept both CFX and non-CFX tokens all the time on acceptor * Only produce an acceptor subkey if you are using cfx or dce or negotiating up to cfx Additional changes from Sam Hartman: * do not assume that the ticket key type (server key) is a valid target for negotiation: the client may not support it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21742 dc483132-0cff-0310-8789-dd5450dbe970
* /tmp/3Ken Raeburn2009-01-133-91/+39
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21741 dc483132-0cff-0310-8789-dd5450dbe970
* FreeBSD compiler errors out on an error "zero or negative size array"Ezra Peisach2009-01-131-0/+8
| | | | | | | | | | | | after setting up an array with no elements. ifdef out array declarations and code that uses it until there are entries. Affects: krb5_gss_inquire_cred_by_oid_ops and krb5_gss_set_sec_context_option_ops which would return an error in any case as here are no entries in the arrays. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21740 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-15 08:05:13 +0000