krb5.git/src/util/support, branch keyring MIT Kerberos patches Add an internal constant-time comparison function 2013-10-03T19:26:00+00:00 Greg Hudson ghudson@mit.edu 2013-10-02T21:55:28+00:00 ac7d07c2cc54e9f07fe81ac4c50bcc80ecc7ac54 k5_bcmp acts similarly to the deprecated Unix bcmp() function, returning zero if two memory regions are equal and nonzero if they are not. It is implemented such that it should take the same amount of time regardless of how many bytes are equal within the memory regions. 
k5_bcmp acts similarly to the deprecated Unix bcmp() function,
returning zero if two memory regions are equal and nonzero if they are
not.  It is implemented such that it should take the same amount of
time regardless of how many bytes are equal within the memory regions.
Use macros instead of magic numbers in json.c 2013-09-19T14:00:41+00:00 Zhanna Tsitkov tsitkova@mit.edu 2013-09-19T14:00:41+00:00 2d832972094477cd9fe6b97991e62b00c7174d8a Avoid using "magic numbers" for better maintainability. 
Avoid using "magic numbers" for better maintainability.
Add base64 functions to libkrb5support exports 2013-07-30T16:25:47+00:00 Robbie Harwood (frozencemetery) rharwood@club.cc.cmu.edu 2013-07-22T20:20:46+00:00 3ee5792e0324071ccaad69a04e091f3c6abf1bfc This was previously not an issue because nothing outside of libkrb5support used them. 
This was previously not an issue because nothing outside of
libkrb5support used them.
Clarify and improve k5_json_object_set 2013-07-16T22:09:55+00:00 Greg Hudson ghudson@mit.edu 2013-07-16T22:09:55+00:00 ea29df4d93b1b7b384c15f39a4ee20be3e0991ac Document that k5_json_object_set can be used to overwrite an existing key, and make it possible to remove a key by setting it to NULL. 
Document that k5_json_object_set can be used to overwrite an existing
key, and make it possible to remove a key by setting it to NULL.
Fix rc4 string-to-key on unterminated inputs 2013-05-27T16:42:59+00:00 Greg Hudson ghudson@mit.edu 2013-05-24T17:16:52+00:00 1e123231769fe640f446442cb210664d280ccbac The internal UTF-8 to UCS-2 conversion functions did not properly respect their length arguments, instead assuming that the input string is terminated with a zero bytes. As a result, krb5int_arcfour_string_to_key could fail on unterminated inputs. Fix the underlying support functions to read their inputs only up to the specified length. ticket: 7643 (new) 
The internal UTF-8 to UCS-2 conversion functions did not properly
respect their length arguments, instead assuming that the input string
is terminated with a zero bytes.  As a result,
krb5int_arcfour_string_to_key could fail on unterminated inputs.  Fix
the underlying support functions to read their inputs only up to the
specified length.

ticket: 7643 (new)
Reduce boilerplate in makefiles 2013-05-17T00:09:27+00:00 Greg Hudson ghudson@mit.edu 2013-05-16T18:21:12+00:00 4b0985f8573840838bcfa8ec1df3dcd39a3dbf15 Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content. 
Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case.  Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS.  Make
sure to use DEFINES for local defines (not DEFS).  Remove some other
unnecessary makefile content.
Assume mutex locking cannot fail 2013-05-14T17:31:41+00:00 Greg Hudson ghudson@mit.edu 2013-05-10T18:01:48+00:00 6350fd0c909d84c00200885e722cc902049ada05 Locking and unlocking a non-recursive mutex is a simple memory operation and should not fail on any reasonable platform with correct usage. A pthread mutex can return EDEADLK on lock or EPERM on unlock, or EINVAL if the mutex is uninitialized, but all of these conditions would reflect serious bugs in the calling code. Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void and adjust all call sites. Propagate this change through k5_cc_mutex_lock and k5_cc_mutex_unlock as well. 
Locking and unlocking a non-recursive mutex is a simple memory
operation and should not fail on any reasonable platform with correct
usage.  A pthread mutex can return EDEADLK on lock or EPERM on unlock,
or EINVAL if the mutex is uninitialized, but all of these conditions
would reflect serious bugs in the calling code.

Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void
and adjust all call sites.  Propagate this change through
k5_cc_mutex_lock and k5_cc_mutex_unlock as well.
Add missing plugins.c to SRCS in util/support 2013-05-02T06:23:15+00:00 Greg Hudson ghudson@mit.edu 2013-05-02T06:23:15+00:00 f1ed53bad92ef369c730635d3727d277d733c539 Reported by Arlene Berry. ticket: 7629 
Reported by Arlene Berry.

ticket: 7629
Avoid passing null pointers to memcpy/memcmp 2013-04-08T19:32:31+00:00 Greg Hudson ghudson@mit.edu 2013-04-08T19:32:31+00:00 31124ffb81e8c0935403a9fdc169dead5ecaa777 By a strict reading of the C standard, memcpy and memcmp have undefined behavior if their pointer arguments aren't valid object pointers, even if the length argument is 0. Compilers are becoming more aggressive about breaking code with undefined behavior, so we should try to avoid it when possible. In a krb5_data object, we frequently use NULL as the data value when the length is 0. Accordingly, we should avoid copying from or comparing the data field of a length-0 krb5_data object. Add checks to our wrapper functions (like data_eq and k5_memdup) and to code which works with possibly-empty krb5_data objects. In a few places, use wrapper functions to simplify the code rather than adding checks. 
By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0.  Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.

In a krb5_data object, we frequently use NULL as the data value when
the length is 0.  Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object.  Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects.  In a few places,
use wrapper functions to simplify the code rather than adding checks.
Free unconditionally in plugins.c 2013-03-29T15:38:39+00:00 Greg Hudson ghudson@mit.edu 2013-03-29T06:53:27+00:00 f3de02250cdf2b912629b5420f83b937a62401be Get rid of unnecessary null checks before freeing values in libkrb5support's plugin code. 
Get rid of unnecessary null checks before freeing values in
libkrb5support's plugin code.