krb5.git/src/lib/crypto/krb, branch gss_cs MIT Kerberos patches Remove a warning in AES string-to-key 2013-11-16T04:38:15+00:00 Greg Hudson ghudson@mit.edu 2013-11-16T04:38:15+00:00 e08db4b3097e31c9fd42e870b641ad97155cab39 On 32-bit platforms, the code to translate an iteration count of 0 to 2^32 can trigger a compiler warning. Since we will basically never accept an iteration count that high (right now we reject anything above 2^24), just reject it out of hand. 
On 32-bit platforms, the code to translate an iteration count of 0 to
2^32 can trigger a compiler warning.  Since we will basically never
accept an iteration count that high (right now we reject anything
above 2^24), just reject it out of hand.
Enforce minimum PBKDF2 iteration count 2013-11-15T22:42:37+00:00 Tom Yu tlyu@mit.edu 2013-11-15T21:11:32+00:00 7a7736a3ea321aeb4b281ae2712e27becb00d720 Also add a testing interface to allow weak iteration counts. (Published test vectors use weak iteration counts.) ticket: 7465 target_version: 1.12 tags: pullup 
Also add a testing interface to allow weak iteration counts.
(Published test vectors use weak iteration counts.)

ticket: 7465
target_version: 1.12
tags: pullup
Use constant-time comparisons for checksums 2013-10-03T19:26:00+00:00 Greg Hudson ghudson@mit.edu 2013-10-02T21:58:06+00:00 07d68eec2788bfe80686608813f644838707c168 






Use k5calloc instead of k5alloc where appropriate
2013-07-12T00:39:51+00:00

Greg Hudson
ghudson@mit.edu

2013-07-12T00:39:51+00:00

443ce5fef316e3dc324fe84557a06b069dbe33f9

Wherever we use k5alloc with a multiplication in the size parameter,,
use the new k5calloc helper function instead.





Wherever we use k5alloc with a multiplication in the size parameter,,
use the new k5calloc helper function instead.







Fix various warnings
2013-06-07T19:19:37+00:00

Greg Hudson
ghudson@mit.edu

2013-06-07T19:17:31+00:00

e51c089b745161dd6e1d64998e99d065fc22377e












Simplify crypto IOV helpers
2013-05-24T18:15:03+00:00

Greg Hudson
ghudson@mit.edu

2013-05-06T04:43:27+00:00

3b142e5746e7db1939a9cf8095faecfed6222054

Expand the concept of an IOV block state into a cursor which remembers
the IOV set being iterated over, the block size, and both input and
output positions.  Eliminate the no-copy inline block getter for now,
but provide helpers to grab contiguous chains of blocks from a cursor.
Also provide an inline helper to sum the total length of an iov chain.





Expand the concept of an IOV block state into a cursor which remembers
the IOV set being iterated over, the block size, and both input and
output positions.  Eliminate the no-copy inline block getter for now,
but provide helpers to grab contiguous chains of blocks from a cursor.
Also provide an inline helper to sum the total length of an iov chain.







Reduce boilerplate in makefiles
2013-05-17T00:09:27+00:00

Greg Hudson
ghudson@mit.edu

2013-05-16T18:21:12+00:00

4b0985f8573840838bcfa8ec1df3dcd39a3dbf15

Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case.  Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS.  Make
sure to use DEFINES for local defines (not DEFS).  Remove some other
unnecessary makefile content.





Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case.  Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS.  Make
sure to use DEFINES for local defines (not DEFS).  Remove some other
unnecessary makefile content.







Assume mutex locking cannot fail
2013-05-14T17:31:41+00:00

Greg Hudson
ghudson@mit.edu

2013-05-10T18:01:48+00:00

6350fd0c909d84c00200885e722cc902049ada05

Locking and unlocking a non-recursive mutex is a simple memory
operation and should not fail on any reasonable platform with correct
usage.  A pthread mutex can return EDEADLK on lock or EPERM on unlock,
or EINVAL if the mutex is uninitialized, but all of these conditions
would reflect serious bugs in the calling code.

Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void
and adjust all call sites.  Propagate this change through
k5_cc_mutex_lock and k5_cc_mutex_unlock as well.





Locking and unlocking a non-recursive mutex is a simple memory
operation and should not fail on any reasonable platform with correct
usage.  A pthread mutex can return EDEADLK on lock or EPERM on unlock,
or EINVAL if the mutex is uninitialized, but all of these conditions
would reflect serious bugs in the calling code.

Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void
and adjust all call sites.  Propagate this change through
k5_cc_mutex_lock and k5_cc_mutex_unlock as well.







Fix link line for t_fortuna
2013-05-01T23:57:16+00:00

Gilles Espinasse
g.esp@free.fr

2013-05-01T23:57:02+00:00

14d4b4969c408f1191fac2595e7b5079424aac44

ticket: 7628





ticket: 7628







Avoid passing null pointers to memcpy/memcmp
2013-04-08T19:32:31+00:00

Greg Hudson
ghudson@mit.edu

2013-04-08T19:32:31+00:00

31124ffb81e8c0935403a9fdc169dead5ecaa777

By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0.  Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.

In a krb5_data object, we frequently use NULL as the data value when
the length is 0.  Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object.  Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects.  In a few places,
use wrapper functions to simplify the code rather than adding checks.





By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0.  Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.

In a krb5_data object, we frequently use NULL as the data value when
the length is 0.  Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object.  Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects.  In a few places,
use wrapper functions to simplify the code rather than adding checks.