krb5.git/src/lib/kadm5, branch master MIT Kerberos patches make depend 2014-07-08T23:36:32+00:00 Greg Hudson ghudson@mit.edu 2014-07-08T23:36:32+00:00 aea099ab5544eefb4d27d8cd963b1247c10dc559 






Include autoconf.h before system headers
2014-07-08T23:19:24+00:00

Greg Hudson
ghudson@mit.edu

2014-07-05T15:50:58+00:00

02a1123cf44381690c28f18ab2c4ba8036200539

Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace.  Where include order was changed, eliminate some
redundant or unnecessary includes.

ticket: 7961





Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace.  Where include order was changed, eliminate some
redundant or unnecessary includes.

ticket: 7961







Use k5_setmsg
2014-06-05T15:22:50+00:00

Greg Hudson
ghudson@mit.edu

2014-05-24T16:15:32+00:00

a7b5808b5df9e54ef8a8a7ac24e5faad458ddbce

Replace most calls to krb5_set_error_message with k5_setmsg for
brevity.  Leave alone plugin sources where we don't include k5-int.h
(mostly PKINIT).





Replace most calls to krb5_set_error_message with k5_setmsg for
brevity.  Leave alone plugin sources where we don't include k5-int.h
(mostly PKINIT).







Remove adb_policy_init and adb_policy_close
2014-04-04T18:02:47+00:00

Tomas Kuthan
tkuthan@gmail.com

2014-04-03T15:58:43+00:00

8d735931e2a93fab31d68772e8881faa6b030a10

Since f72c3ffa the policy is initialized as part of database.
adb_policy_close is now a no-op, and adb_policy_init just makes sure
the database is initialized.  adb_policy_init is only called from
kadm5_flush, and only if database initialization was successful
beforehand, rendering this call redundant.

Remove adb_policy_init and adb_policy_close and all their references
in the code and documentation.





Since f72c3ffa the policy is initialized as part of database.
adb_policy_close is now a no-op, and adb_policy_init just makes sure
the database is initialized.  adb_policy_init is only called from
kadm5_flush, and only if database initialization was successful
beforehand, rendering this call redundant.

Remove adb_policy_init and adb_policy_close and all their references
in the code and documentation.







Fix leak in kadm5_flush with LDAP KDB
2014-04-04T17:59:36+00:00

Tomas Kuthan
tkuthan@gmail.com

2014-04-02T15:48:04+00:00

372e4cb6f5d4a603e6e3157c7b5d354953836136

Due to an inverted test in adb_policy_init, kadm5_flush calls
krb5_db_open twice.  With the DB2 KDB module, the second open is a
no-op, but with the LDAP module, a new DB handle is allocated and the
old one is leaked.

[ghudson@mit.edu: rewrote commit message]

ticket: 7897 (new)
target_version: 1.12.2
tags: pullup





Due to an inverted test in adb_policy_init, kadm5_flush calls
krb5_db_open twice.  With the DB2 KDB module, the second open is a
no-op, but with the LDAP module, a new DB handle is allocated and the
old one is leaked.

[ghudson@mit.edu: rewrote commit message]

ticket: 7897 (new)
target_version: 1.12.2
tags: pullup







Don't free cred handle used in kadm5 server handle
2014-03-27T15:42:11+00:00

Tomas Kuthan
tkuthan@gmail.com

2014-03-26T16:04:30+00:00

b24c362f0589a6212f2f544263bdb76e0988c582

At the end of setup_gss(), gss_client_creds is released, but an alias
to the credential handle is saved in kadm5_server_handle_t in
handle->clnt->cl_auth->(struct rpc_gss_data *)ah_private->sec.cred.
Accessing these credentials (by authgss_refresh) can result in use
after free.

This fix stores credential reference in server handle and releases
the credentials in kadm5_destroy.

[ghudson@mit.edu: initialize handle->cred to correct constant; get rid
of gss_client_creds variable; clarify commit message slightly]

ticket: 7891 (new)





At the end of setup_gss(), gss_client_creds is released, but an alias
to the credential handle is saved in kadm5_server_handle_t in
handle->clnt->cl_auth->(struct rpc_gss_data *)ah_private->sec.cred.
Accessing these credentials (by authgss_refresh) can result in use
after free.

This fix stores credential reference in server handle and releases
the credentials in kadm5_destroy.

[ghudson@mit.edu: initialize handle->cred to correct constant; get rid
of gss_client_creds variable; clarify commit message slightly]

ticket: 7891 (new)







Stop generating gssapi_krb5.h
2014-02-26T21:15:20+00:00

Greg Hudson
ghudson@mit.edu

2014-02-01T20:59:21+00:00

a7a2c02b618aea40ebd4f597ec956eaf0fe210f5

We started generating gssapi_krb5.h from gssapi_krb5.hin when we
needed to use a 64-bit type for lucid contexts.  Since we can now
assume a standard name for 64-bit types, we can stop generating the
header.





We started generating gssapi_krb5.h from gssapi_krb5.hin when we
needed to use a 64-bit type for lucid contexts.  Since we can now
assume a standard name for 64-bit types, we can stop generating the
header.







Simplify ulog_map
2014-02-21T01:42:47+00:00

Greg Hudson
ghudson@mit.edu

2014-01-24T21:52:47+00:00

6a4a4b7b5e3265e4a811a9fd72c2534e6c5f5fd4

Get rid of the caller parameter.  The kproplog semantics (without -R)
for mapping the ulog are simple and almost completely different from
other users of the ulog, so implement them as a static helper in
kproplog.  With hierarchical iprop, kpropd will need the same
semantics as FKCOMMAND and FKADMIND, which were already identical.

Get rid of the db_args parameter, since ulog_map no longer opens the
database after #7552.

Remove an inoperative lseek() call when creating a new ulog file.
Rename ulog_filesize to filesize and compute it from scratch each time
we use it, for easier analysis.  If kdb_hmagic is zero, init the ulog
header but don't skip the rest of the function; it's possible that we
need to expand the ulog file.  Remove an unneeded conditional before
calling extend_file_to for an existing ulog.

ticket: 7855





Get rid of the caller parameter.  The kproplog semantics (without -R)
for mapping the ulog are simple and almost completely different from
other users of the ulog, so implement them as a static helper in
kproplog.  With hierarchical iprop, kpropd will need the same
semantics as FKCOMMAND and FKADMIND, which were already identical.

Get rid of the db_args parameter, since ulog_map no longer opens the
database after #7552.

Remove an inoperative lseek() call when creating a new ulog file.
Rename ulog_filesize to filesize and compute it from scratch each time
we use it, for easier analysis.  If kdb_hmagic is zero, init the ulog
header but don't skip the rest of the function; it's possible that we
need to expand the ulog file.  Remove an unneeded conditional before
calling extend_file_to for an existing ulog.

ticket: 7855







Refactor krb5_string_to_keysalts()
2014-01-08T20:29:04+00:00

Tom Yu
tlyu@mit.edu

2014-01-07T21:37:46+00:00

0918990bf1d8560d74473fc0e41d08d433da1a15

Use various standard C library functions rather than rolling our own.
Previous code spent many lines reimplementing realloc(), strpbrk(),
strtok_r(), etc.

Make a separate string_to_keysalt() parser for an individual keysalt
pair, which for now is private and destructive.





Use various standard C library functions rather than rolling our own.
Previous code spent many lines reimplementing realloc(), strpbrk(),
strtok_r(), etc.

Make a separate string_to_keysalt() parser for an individual keysalt
pair, which for now is private and destructive.







Make salt defaulting work for keysalts
2014-01-06T22:17:02+00:00

Tom Yu
tlyu@mit.edu

2014-01-06T22:17:02+00:00

cc26d29b8087e31d0ea1aca6bde45f8935e8b744

Make krb5_string_to_keysalts() default to only ":" as a key:salt
separator character.  Change most of its callers to pass NULL so they
get the default separators.

Adapted from a patch proposed by Jon Looney.

ticket: 884





Make krb5_string_to_keysalts() default to only ":" as a key:salt
separator character.  Change most of its callers to pass NULL so they
get the default separators.

Adapted from a patch proposed by Jon Looney.

ticket: 884