krb5.git/src/kdc/fakeka.c, branch keyring MIT Kerberos patches In the KDC, remove krb4 request handling support and fakeka code 2008-12-15T18:32:44+00:00 Greg Hudson ghudson@mit.edu 2008-12-15T18:32:44+00:00 b03dd7a3955864c7f84742ac37a97cf00bcd786e ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21448 dc483132-0cff-0310-8789-dd5450dbe970 
ticket: 6303
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21448 dc483132-0cff-0310-8789-dd5450dbe970
Convert many uses of sprintf to snprintf or asprintf 2008-12-01T17:09:59+00:00 Greg Hudson ghudson@mit.edu 2008-12-01T17:09:59+00:00 0692bffad6dbd696b2817f59ee7dd2e7e38ceb4b ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970 
ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
Use strlcpy instead of strcpy in many places 2008-10-24T20:07:00+00:00 Greg Hudson ghudson@mit.edu 2008-10-24T20:07:00+00:00 fcf15c482b582c4f2e5dd7c6222c4e3509bbb7d6 ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970 
ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
Set close-on-exec flag in most places where file descriptors are 2007-10-22T19:18:53+00:00 Ken Raeburn raeburn@mit.edu 2007-10-22T19:18:53+00:00 3d8fa6bb4012296a53fe04e486a9157a2963b644 opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970 
opened in our libraries (in case another application thread spawns a
new process) and in the KDC programs (in case a plugin library spawns
a new process).

Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup
dup2 pipe.  In: util lib plugins kdc kadmin/server krb524.

The various programs are less critical than the libraries, as any
well-written plugin that spawns a new process should close all file
descriptors it doesn't need to communicate with the new process.

This approach also isn't bulletproof, as the call to set the
close-on-exec flag is necessarily a separate call from creating the
file descriptor, and the fork call could happen in between them.  So
plugins should be careful regardless of this patch; it will only
reduce the window of potential lossage should a plugin be poorly
written.  (AFAIK there are currently no plugins that spawn processes
where this would be a problem.)

Update dependencies.

ticket: 5561

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* lib/kadm5/alt_prof.c (kadm5_get_config_params): Replace filename and 2006-05-16T01:45:00+00:00 Ken Raeburn raeburn@mit.edu 2006-05-16T01:45:00+00:00 776a9fa505e71b6277a8857a2bfd527e02667465 envvar arguments with a flag indicating whether KDC config data should be used. Prototype and all callers changed. (krb5_read_realm_params): Delete config file and env var arguments. Prototype and all callers changed. * lib/kadm5/admin.h (KADM5_CONFIG_PROFILE): Commented out. (struct _kadm5_config_params): Delete field PROFILE. * lib/kadm5/alt_prof.c (kadm5_get_config_params): Don't look at it. (kadm5_free_config_params): Don't free it. * kadmin/testing/tcl/util.t: Remove profile data from config params. * kadmin/testing/util/tcl_kadm5.c (config_mask_flags): Deleted KADM5_CONFIG_PROFILE entry. (parse_config_params): Changed to require 20 parameters instead of 21. * lib/kadm5/unit-test/api.2/init-v2.exp (test100): Deleted. * lib/kadm5/alt_prof.c (krb5_aprof_init): Fetch the list of config files from the library and add the caller-indicated config file to the front of the list. * lib/kadm5/clnt/client_init.c (kadm5_init_krb5_context): New function. * lib/kadm5/clnt/libkadm5clnt.exports: Export it. * lib/kadm5/srv/server_init.c: Include k5-int.h, osconf.h, gssapiP_krb5.h. (kadm5_init_krb5_context): New function. * lib/kadm5/srv/libkadm5srv.exports: Export it. * lib/kadm5/srv/Makefile.in (LOCAL_INCLUDES): Add gssapi directories. * lib/kadm5/admin.h (kadm5_init_krb5_context): Declare it. * kadmin/dbutil/kdb5_destroy.c (kdb5_destroy): Call kadm5_init_krb5_context instead of krb5_init_context. * kadmin/dbutil/dump.c (load_db): Likewise. * kadmin/dbutil/kdb5_util.c (main): Likewise. * kadmin/dbutil/kadm5_create.c (kadm5_create): Likewise. * kadmin/dbutil/kdb5_stash.c (kdb5_stash): Likewise. * kadmin/dbutil/loadv4.c (load_v4db): Likewise. * kadmin/server/ovsec_kadmd.c (main): Likewise. * kadmin/cli/kadmin.c (kadmin_startup): Likewise. * kadmin/testing/util/tcl_ovsec_kadm.c (tcl_ovsec_kadm_init): Likewise. * lib/kadm5/unit-test/lock-test.c (main): Likewise. * lib/kadm5/unit-test/handle-test.c (main): Likewise. * lib/kadm5/unit-test/randkey-test.c (main): Likewise. * lib/kadm5/unit-test/setkey-test.c (main): Likewise. * lib/kadm5/chpass_util.c (_kadm5_chpass_principal_util): Likewise. * lib/kadm5/kadm_rpc_xdr.c (xdr_krb5_principal): Likewise. * lib/krb5/os/init_os_ctx.c (add_kdc_config_file): New function. (os_init_paths): Add new argument KDC; call add_kdc_config_file if true. * lib/krb5/krb/init_ctx.c (krb5int_init_context_kdc): New function. (init_common): Add new argument KDC, passed to krb5_os_init_context. * lib/krb5/libkrb5.exports: Export krb5int_init_context_kdc. * k5-int.h (krb5_os_init_context): Update decl. * lib/kadm5/srv/server_init.c (kadm5_init): Call krb5int_init_context_kdc. * krb524/krb524d.c (main): Likewise. * lib/kadm5/unit-test/api.2/init-v2.exp: Don't run test 154 for error for $KRB5_KDC_PROFILE file not present. * lib/krb5/os/init_os_ctx.c (os_get_default_config_files): Rewrite KLL test so as not to confuse Emacs indentation support. * lib/gssapi/krb5/init_sec_context.c (kg_kdc_flag_mutex, kdc_flag): New variables. (krb5_gss_init_context, krb5_gss_use_kdc_context): New functions. * lib/gssapi/krb5/gssapiP_krb5.h (kg_kdc_flag_mutex): Declare. (krb5_gss_init_context, krb5_gss_use_kdc_context): Declare. (krb5_init_context): Define as macro to invoke krb5_gss_init_context for now. * lib/gssapi/gss_libinit.c (gssint_lib_init): Initialize the mutex. (gssint_lib_fini): Destroy it. * lib/gssapi/libgssapi_krb5.exports: Export krb5_gss_use_kdc_context. * lib/kadm5/srv/server_init.c (kadm5_init): Don't complain if the config files specify an admin server, since we now look at krb5.conf as well. * lib/kadm5/unit-test/api.2/init-v2.exp: Delete test test114 for bad server params. * plugins/kdb/db2/adb_openclose.c (osa_adb_init_db): Use krb5int_init_context_kdc instead of krb5_init_context. * kdc/rtest.c (main): Likewise. * kdc/fakeka.c (main): Likewise. * kdc/main.c (main, init_realm): Likewise. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18009 dc483132-0cff-0310-8789-dd5450dbe970 
envvar arguments with a flag indicating whether KDC config data should
be used.  Prototype and all callers changed.
(krb5_read_realm_params): Delete config file and env var arguments.
Prototype and all callers changed.

* lib/kadm5/admin.h (KADM5_CONFIG_PROFILE): Commented out.
(struct _kadm5_config_params): Delete field PROFILE.
* lib/kadm5/alt_prof.c (kadm5_get_config_params): Don't look at it.
(kadm5_free_config_params): Don't free it.
* kadmin/testing/tcl/util.t: Remove profile data from config params.
* kadmin/testing/util/tcl_kadm5.c (config_mask_flags): Deleted
KADM5_CONFIG_PROFILE entry.
(parse_config_params): Changed to require 20 parameters instead of 21.
* lib/kadm5/unit-test/api.2/init-v2.exp (test100): Deleted.

* lib/kadm5/alt_prof.c (krb5_aprof_init): Fetch the list of config files from
the library and add the caller-indicated config file to the front of the list.

* lib/kadm5/clnt/client_init.c (kadm5_init_krb5_context): New function.
* lib/kadm5/clnt/libkadm5clnt.exports: Export it.
* lib/kadm5/srv/server_init.c: Include k5-int.h, osconf.h, gssapiP_krb5.h.
(kadm5_init_krb5_context): New function.
* lib/kadm5/srv/libkadm5srv.exports: Export it.
* lib/kadm5/srv/Makefile.in (LOCAL_INCLUDES): Add gssapi directories.
* lib/kadm5/admin.h (kadm5_init_krb5_context): Declare it.
* kadmin/dbutil/kdb5_destroy.c (kdb5_destroy): Call kadm5_init_krb5_context
instead of krb5_init_context.
* kadmin/dbutil/dump.c (load_db): Likewise.
* kadmin/dbutil/kdb5_util.c (main): Likewise.
* kadmin/dbutil/kadm5_create.c (kadm5_create): Likewise.
* kadmin/dbutil/kdb5_stash.c (kdb5_stash): Likewise.
* kadmin/dbutil/loadv4.c (load_v4db): Likewise.
* kadmin/server/ovsec_kadmd.c (main): Likewise.
* kadmin/cli/kadmin.c (kadmin_startup): Likewise.
* kadmin/testing/util/tcl_ovsec_kadm.c (tcl_ovsec_kadm_init): Likewise.
* lib/kadm5/unit-test/lock-test.c (main): Likewise.
* lib/kadm5/unit-test/handle-test.c (main): Likewise.
* lib/kadm5/unit-test/randkey-test.c (main): Likewise.
* lib/kadm5/unit-test/setkey-test.c (main): Likewise.
* lib/kadm5/chpass_util.c (_kadm5_chpass_principal_util): Likewise.
* lib/kadm5/kadm_rpc_xdr.c (xdr_krb5_principal): Likewise.

* lib/krb5/os/init_os_ctx.c (add_kdc_config_file): New function.
(os_init_paths): Add new argument KDC; call add_kdc_config_file if true.
* lib/krb5/krb/init_ctx.c (krb5int_init_context_kdc): New function.
(init_common): Add new argument KDC, passed to krb5_os_init_context.
* lib/krb5/libkrb5.exports: Export krb5int_init_context_kdc.
* k5-int.h (krb5_os_init_context): Update decl.
* lib/kadm5/srv/server_init.c (kadm5_init): Call krb5int_init_context_kdc.
* krb524/krb524d.c (main): Likewise.
* lib/kadm5/unit-test/api.2/init-v2.exp: Don't run test 154 for error for
$KRB5_KDC_PROFILE file not present.

* lib/krb5/os/init_os_ctx.c (os_get_default_config_files): Rewrite KLL test so
as not to confuse Emacs indentation support.

* lib/gssapi/krb5/init_sec_context.c (kg_kdc_flag_mutex, kdc_flag): New
variables.
(krb5_gss_init_context, krb5_gss_use_kdc_context): New functions.
* lib/gssapi/krb5/gssapiP_krb5.h (kg_kdc_flag_mutex): Declare.
(krb5_gss_init_context, krb5_gss_use_kdc_context): Declare.
(krb5_init_context): Define as macro to invoke krb5_gss_init_context for now.
* lib/gssapi/gss_libinit.c (gssint_lib_init): Initialize the mutex.
(gssint_lib_fini): Destroy it.
* lib/gssapi/libgssapi_krb5.exports: Export krb5_gss_use_kdc_context.

* lib/kadm5/srv/server_init.c (kadm5_init): Don't complain if the config files
specify an admin server, since we now look at krb5.conf as well.
* lib/kadm5/unit-test/api.2/init-v2.exp: Delete test test114 for bad server
params.

* plugins/kdb/db2/adb_openclose.c (osa_adb_init_db): Use
krb5int_init_context_kdc instead of krb5_init_context.
* kdc/rtest.c (main): Likewise.
* kdc/fakeka.c (main): Likewise.
* kdc/main.c (main, init_realm): Likewise.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18009 dc483132-0cff-0310-8789-dd5450dbe970
* fakeka.c (main): Pass extra null-pointer argument to kadm5_init_with_password 2005-11-18T01:37:56+00:00 Ken Raeburn raeburn@mit.edu 2005-11-18T01:37:56+00:00 9bc1c345995826fc7cea9ea4c29b25ff827f9b7b for new db_args argument added by DAL changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17496 dc483132-0cff-0310-8789-dd5450dbe970 
for new db_args argument added by DAL changes.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17496 dc483132-0cff-0310-8789-dd5450dbe970
* fakeka.c: Include errno.h 2005-11-18T01:29:45+00:00 Ken Raeburn raeburn@mit.edu 2005-11-18T01:29:45+00:00 177ab82116ce80029d82beee64573ca4854c875c ticket: 3236 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17495 dc483132-0cff-0310-8789-dd5450dbe970 
ticket: 3236

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17495 dc483132-0cff-0310-8789-dd5450dbe970
Bug from David Thompson <thomas@cs.wisc.edu>. Bug originally introduced 2004-02-19T17:51:40+00:00 Ken Hornstein kenh@cmf.nrl.navy.mil 2004-02-19T17:51:40+00:00 2f6ea9303f3981e26929c3791a0b2dd9ac05610f by me during conversion from bcopy() to memcpy(). ticket: 2258 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16104 dc483132-0cff-0310-8789-dd5450dbe970 
by me during conversion from bcopy() to memcpy().

ticket: 2258

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@16104 dc483132-0cff-0310-8789-dd5450dbe970
This is the integration of "fakeka" (a program to emulate a kaserver) 2003-02-06T19:58:18+00:00 Ken Hornstein kenh@cmf.nrl.navy.mil 2003-02-06T19:58:18+00:00 67c751774d700487072bf7539ff15f153566ee3a into the MIT distribution. It's compilation is enabled with --enable-fakeka. ticket: 1281 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15158 dc483132-0cff-0310-8789-dd5450dbe970 
into the MIT distribution.  It's compilation is enabled with --enable-fakeka.

ticket: 1281

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15158 dc483132-0cff-0310-8789-dd5450dbe970