krb5.git/src/lib/krb5/krb/princ_comp.c, branch master MIT Kerberos patches Avoid passing null pointers to memcpy/memcmp 2013-04-08T19:32:31+00:00 Greg Hudson ghudson@mit.edu 2013-04-08T19:32:31+00:00 31124ffb81e8c0935403a9fdc169dead5ecaa777 By a strict reading of the C standard, memcpy and memcmp have undefined behavior if their pointer arguments aren't valid object pointers, even if the length argument is 0. Compilers are becoming more aggressive about breaking code with undefined behavior, so we should try to avoid it when possible. In a krb5_data object, we frequently use NULL as the data value when the length is 0. Accordingly, we should avoid copying from or comparing the data field of a length-0 krb5_data object. Add checks to our wrapper functions (like data_eq and k5_memdup) and to code which works with possibly-empty krb5_data objects. In a few places, use wrapper functions to simplify the code rather than adding checks. 
By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0.  Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.

In a krb5_data object, we frequently use NULL as the data value when
the length is 0.  Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object.  Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects.  In a few places,
use wrapper functions to simplify the code rather than adding checks.
Simplify principal access within libkrb5 2013-04-08T17:14:36+00:00 Greg Hudson ghudson@mit.edu 2013-04-06T05:23:40+00:00 caaf72893a5be61822763eb471f4d573992479ed For conciseness, directly use fields of krb5_principal objects instead of using the accessor macros. 
For conciseness, directly use fields of krb5_principal objects instead
of using the accessor macros.
Convert DEBUG_REFERRALS to TRACE_* framework 2012-05-23T19:56:21+00:00 W. Trevor King wking@tremily.us 2012-05-18T01:26:36+00:00 372b3e2a4f3bd9d1b2e05abec4c04b99962e582f The referrals debugging code under DEBUG_REFERRALS ceased building correctly at some point. Convert this debugging code to use the tracing framework instead, including adding new trace macros to k5-trace.h. ticket: 7151 
The referrals debugging code under DEBUG_REFERRALS ceased building
correctly at some point.  Convert this debugging code to use the
tracing framework instead, including adding new trace macros to
k5-trace.h.

ticket: 7151
Adjust most C source files to match the new standards for copyright 2011-03-09T21:46:07+00:00 Greg Hudson ghudson@mit.edu 2011-03-09T21:46:07+00:00 7da53e2942176c5ddfe007ba0a36f449e9fdb9fb and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970 
and license comments.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
make mark-cstyle 2009-10-31T00:48:38+00:00 Tom Yu tlyu@mit.edu 2009-10-31T00:48:38+00:00 02d6bcbc98a214e7aeaaa9f45f0db8784a7b743b make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970 
make reindent

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
In krb5_principal_compare_flags, improve clarity slightly by using a 2009-04-23T23:37:42+00:00 Greg Hudson ghudson@mit.edu 2009-04-23T23:37:42+00:00 442ca54391e96c7bcb7d886b28f57300253a4c17 boolean temporary instead of an ordering temporary in the loop over the elements, since we only care about the boolean result. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22277 dc483132-0cff-0310-8789-dd5450dbe970 
boolean temporary instead of an ordering temporary in the loop over
the elements, since we only care about the boolean result.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22277 dc483132-0cff-0310-8789-dd5450dbe970
Merge mskrb-integ onto trunk 2009-01-03T23:19:42+00:00 Sam Hartman hartmans@mit.edu 2009-01-03T23:19:42+00:00 0ba5ccd7bb3ea15e44a87f84ca6feed8890f657d The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970 
The mskrb-integ branch includes support for the following projects:
Projects/Aliases
* Projects/PAC and principal APIs
* Projects/AEAD encryption API
* Projects/GSSAPI DCE
* Projects/RFC 3244

In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions.
In the KDC it includes support for protocol transition, constrained delegation
and a new authorization data interface.
The old authorization data interface is also supported.

This commit merges the mskrb-integ branch on to the trunk.
Additional review and testing is required.

Merge commit 'mskrb-integ' into trunk

ticket: new
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
Define and use some inline helper functions for comparing data and authdata structures, instead 2007-05-10T02:37:22+00:00 Ken Raeburn raeburn@mit.edu 2007-05-10T02:37:22+00:00 86ef9dd0422b95ccf2b29f18847c47b6b9e2e6c5 of open-coding checks of multiple fields everywhere. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19544 dc483132-0cff-0310-8789-dd5450dbe970 
of open-coding checks of multiple fields everywhere.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19544 dc483132-0cff-0310-8789-dd5450dbe970
krb5_is_referral_realm now takes a pointer to const krb5_data, since it doesn't 2006-12-19T01:28:32+00:00 Ken Raeburn raeburn@mit.edu 2006-12-19T01:28:32+00:00 6adc5cf4c7ed54dfd675b9bfb005ff27e0147891 modify it. ticket: 5121 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18974 dc483132-0cff-0310-8789-dd5450dbe970 
modify it.

ticket: 5121
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18974 dc483132-0cff-0310-8789-dd5450dbe970
Set the canonicalize flag in TGS requests and accept cross-realm referral tickets. 2006-09-21T01:48:50+00:00 Sam Hartman hartmans@mit.edu 2006-09-21T01:48:50+00:00 25860eac35980ab0d8d786fe1d06ced26a04d2db We do not yet accept tickets in which the server name changes. * krb5_sname_to_principal: If there is no domain realm mapping return null realm *krb5_get_cred_via_tkt: New behavior as described below 1) the referrals case: - check for TGT for initial realm - if a remote realm was specified (which must have happened via a domain_realm mapping), obtain a TGT for it the standard way and start with that. - use client realm for server if not specified - iterate through this loop: - request ticket with referrals turned on - if that fails: - if this was the first request, punt to non-referrals case - otherwise, retry once without referrals turned on then terminate either way - if it works, either use the service ticket or follow the referral path - if loop count exceeded, hardfail 2) the nonreferrals case - this is mostly the old walk_realm_tree TGT-finding (which allows limited shortcut referrals per 4120) followed by a standard tgs-req. - originally requested principal is used for this, although if we were handed something without a realm, determine a fallback realm based on DNS TXT records or a truncation of the domain name. ticket: 2652 Owner: amb git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970 
We do not yet accept tickets in which the server name changes.

* krb5_sname_to_principal:   If there is no domain realm mapping return null realm
*krb5_get_cred_via_tkt: New behavior as described below

1) the referrals case:
  - check for TGT for initial realm
    - if a remote realm was specified (which must have happened via a
      domain_realm mapping), obtain a TGT for it the standard way and
      start with that.
  - use client realm for server if not specified
  - iterate through this loop:
    - request ticket with referrals turned on
    - if that fails:
      - if this was the first request, punt to non-referrals case
      - otherwise, retry once without referrals turned on then terminate
        either way
    - if it works, either use the service ticket or follow the referral path
    - if loop count exceeded, hardfail
2) the nonreferrals case
  - this is mostly the old walk_realm_tree TGT-finding (which allows
    limited shortcut referrals per 4120) followed by a standard tgs-req.
  - originally requested principal is used for this, although if we were
    handed something without a realm, determine a fallback realm based on
    DNS TXT records or a truncation of the domain name.

ticket: 2652
Owner: amb

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18598 dc483132-0cff-0310-8789-dd5450dbe970