| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
This way different processes running as the same user can be configured as
different servervices
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The client library lives in applications that may not be blocking or ignoring
SIGPIPE. Using write() can cause SIGPIPE to be raised in the application if the
proxy is restarted. If the application does not catch the signal then it is
terminated.
Make sure this does not happen by using send() with the MSG_NOSIGNAL flag.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Change the i variable to be a signed integer ot the loop will never end because
and unsigned integer decremented past 0 simply wraps to a very big integer.
The condition that would break the loop can never be true therefore the code
would loop forever until eventually a double free would cause a crash.
Found by Coverity.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
| |
Found by Coverity as 'Argument cannot be negative' type of error.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
The kernel uses the fixed path named /var/run/gssproxy.sock
Make this default a configure time option and default to it.
Also remove the option to change the socket at configure time,
neither the kernel nor proxymech.so can cope with a change anyway.
|
| |
|
|
|
| |
These includes are necessary when switching to gssrpc because they
are not automatically dragged in via dependencies in system rpc.h
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
When the interposer wants to call the mechglue and have it call a real
mechanism it does so by providing a speecial mechanism oid.
This is an oid composed of the procy plugin oid and the real mechanism oid
that the mechglue transforms back into a real OID before selecting the
appropriate mechanism.
|
| |
|
|
| |
Acked-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Acked-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Acked-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|
|
Make space for the actual mechglue plugin interface. The mechglue interface
will use the client library to communicate with the gss-proxy but will
reimplement all GSSAPI SPI as wrappers in order to properly handle fallbacks to
local mechanism and other input/output transformations.
|
