diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 03:48:01 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2000-07-01 03:48:01 +0000 |
| commit | 1ff3e2653da2f73ab3cc4c4f220d7781b43c9362 (patch) | |
| tree | d4de3ebceb44cd5d88bbbab448770b9a890376a5 /src/lib | |
| parent | 9796ff01c5f57756a2105d290b5e0f5281f632ec (diff) | |
| download | krb5-1ff3e2653da2f73ab3cc4c4f220d7781b43c9362.tar.gz krb5-1ff3e2653da2f73ab3cc4c4f220d7781b43c9362.tar.xz krb5-1ff3e2653da2f73ab3cc4c4f220d7781b43c9362.zip | |
pullup from 1.2.1 release
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12502 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/gssapi/krb5/ChangeLog | 7 | ||||
| -rw-r--r-- | src/lib/gssapi/krb5/init_sec_context.c | 20 | ||||
| -rw-r--r-- | src/lib/krb5/krb/ChangeLog | 8 | ||||
| -rw-r--r-- | src/lib/krb5/krb/conv_princ.c | 8 | ||||
| -rw-r--r-- | src/lib/rpc/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/rpc/svc_auth_gssapi.c | 2 | ||||
| -rw-r--r-- | src/lib/rpc/unit-test/ChangeLog | 5 | ||||
| -rw-r--r-- | src/lib/rpc/unit-test/server.c | 1 |
8 files changed, 54 insertions, 2 deletions
diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index 087104e70..6f764457e 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,10 @@ +2000-06-27 Tom Yu <tlyu@mit.edu> + + * init_sec_context.c (get_credentials): Add initial iteration of + krb5_get_credentials in order to differentiate between an actual + missing credential and merely a bad match based on enctype. This + was causing problems with kadmin. + 2000-06-09 Tom Yu <tlyu@mit.edu> Ken Raeburn <raeburn@mit.edu> diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index 13a971ffa..acac47184 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -77,6 +77,10 @@ #include <stdlib.h> #include <assert.h> +/* + * $Id$ + */ + /* XXX This is for debugging only!!! Should become a real bitfield at some point */ int krb5_gss_dbg_client_expcreds = 0; @@ -109,11 +113,25 @@ static krb5_error_code get_credentials(context, cred, server, now, in_creds.keyblock.enctype = 0; + /* + * Initial iteration is necessary to catch a non-matching + * credential prior to looping through the GSSAPI-supported + * enctypes, since an enctype mismatch in the loop below will + * return KRB5_CC_NOTFOUND rather than one of the other error + * codes. + */ + code = krb5_get_credentials(context, 0, cred->ccache, + &in_creds, out_creds); + if (code) + goto cleanup; + krb5_free_creds(context, *out_creds); + *out_creds = NULL; for (i = 0; enctypes[i]; i++) { in_creds.keyblock.enctype = enctypes[i]; code = krb5_get_credentials(context, 0, cred->ccache, &in_creds, out_creds); - if (code != KRB5_CC_NOT_KTYPE && code != KRB5KDC_ERR_ETYPE_NOSUPP) + if (code != KRB5_CC_NOT_KTYPE && code != KRB5_CC_NOTFOUND + && code != KRB5KDC_ERR_ETYPE_NOSUPP) break; } if (enctypes[i] == 0) { diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index dfdf646c7..2d4546f3a 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,11 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * conv_princ.c (krb5_425_conv_principal): NULL, not nil. + +2000-06-30 Miro Jurisic <meeroh@mit.edu> + + * conv_princ.c (krb5_425_conv_principal): Fixed a memory leak + 2000-06-29 Ezra Peisach <epeisach@engrailed.mit.edu> * t_walk_rtree.c (main): Declare as returning int. diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index b2df0c60e..f0d3d3d31 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -272,6 +272,14 @@ krb5_425_conv_principal(context, name, instance, realm, princ) } else if ((retval == 0) && (realm_name == NULL)) { break; } + if (realm_name != NULL) { + profile_release_string (realm_name); + realm_name = NULL; + } + if (dummy_value != NULL) { + profile_release_string (dummy_value); + dummy_value = NULL; + } } if (instance) { diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index 7d0aa318a..1f0a2779d 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,8 @@ +2000-06-21 Tom Yu <tlyu@mit.edu> + + * svc_auth_gssapi.c (_svcauth_gssapi): Missed a rename. From + Nathan Neulinger. + 2000-05-31 Ken Raeburn <raeburn@mit.edu> * pmap_rmt.c (GIFCONF_BUFSIZE): New macro. diff --git a/src/lib/rpc/svc_auth_gssapi.c b/src/lib/rpc/svc_auth_gssapi.c index 34ee0ef11..9d831ad0d 100644 --- a/src/lib/rpc/svc_auth_gssapi.c +++ b/src/lib/rpc/svc_auth_gssapi.c @@ -548,7 +548,7 @@ enum auth_stat _svcauth_gssapi(rqst, msg, no_dispatch) &call_arg)) { PRINTF(("svcauth_gssapi: cannot decode args\n")); LOG_MISCERR("protocol error in call arguments"); - xdr_free(xdr_authgssapi_init_arg, &call_arg); + gssrpc_xdr_free(xdr_authgssapi_init_arg, &call_arg); ret = AUTH_BADCRED; goto error; } diff --git a/src/lib/rpc/unit-test/ChangeLog b/src/lib/rpc/unit-test/ChangeLog index b41a59d78..a4b859b08 100644 --- a/src/lib/rpc/unit-test/ChangeLog +++ b/src/lib/rpc/unit-test/ChangeLog @@ -1,3 +1,8 @@ +2000-06-30 Tom Yu <tlyu@mit.edu> + + * server.c: Include gssrpc/pmap_clnt.h in order to get renaming of + pmap_unset(). From Nathan Neulinger. + 2000-06-30 Ken Raeburn <raeburn@mit.edu> * rpc_test_setup.sh: Error out if server_handle doesn't get set in diff --git a/src/lib/rpc/unit-test/server.c b/src/lib/rpc/unit-test/server.c index 7270ea40d..32f5de349 100644 --- a/src/lib/rpc/unit-test/server.c +++ b/src/lib/rpc/unit-test/server.c @@ -14,6 +14,7 @@ static char *rcsid = "$Header$"; #include <string.h> #include <signal.h> #include <gssrpc/rpc.h> +#include <gssrpc/pmap_clnt.h> #include <arpa/inet.h> /* inet_ntoa */ #include <gssapi/gssapi.h> #include <gssapi/gssapi_generic.h> |