diff options
| author | Jeffrey Altman <jaltman@secure-endpoints.com> | 2006-09-21 21:49:41 +0000 |
|---|---|---|
| committer | Jeffrey Altman <jaltman@secure-endpoints.com> | 2006-09-21 21:49:41 +0000 |
| commit | 67aa2eb7cd9ebbb08e2247c124f3947cb526136e (patch) | |
| tree | 77eec2ae97702aa7e55ee1d7d8c95748b22a7a04 /src/windows/identity/kcreddb | |
| parent | 515f4996f041c6a36bf5667440f3b18661745de1 (diff) | |
KFW 3.1 Beta 2 NetIDMgr Changes
source for (1.1.0.1)
- Updated documentation with additional information and fixed errors.
nidmgr32.dll (1.1.0.1)
- Fixed a deadlock in the configuration provider that may cause
NetIDMgr to deadlock on load.
- Prevent the configuration provider handle list from getting
corrupted in the event of a plug-in freeing a handle twice.
- Add more parameter validation for the configuration provider.
- If a plug-in is only partially registered (only some of the entries
were set in the registry), the completion of the registration didn't
complete successfully, leaving the plug-in in an unusable state.
This has been fixed. Plug-ins will now successfully complete
registration once they are loaded for the first time, assuming the
correct resources are present in the module.
- Fixed notifications for setting a default identity. Notifications
were not being properly sent out resulting in the credentials window
not being updated when the default identity changed.
- Changes to the API for type safety.
- Handling of binary data fields was changed to support validation and
comparison.
- Data types that do not support KCDB_CBSIZE_AUTO now check for and
report an error if it is specified.
- Password fields in the new credentials dialog will trim leading and
trailing whitespace before using a user-entered value.
- Change password action will no longer be disabled if no identity is
selected. An identity selection control is present in the dialog
making this restriction unnecessary.
- When renewing credentials, error messages will be suppressed if the
renewal was for an identity and the identity does not have any
identity credentials associated with it.
- Error messages that are related to credentials acquisition or
password changes will now display the name of the identity that the
error applies to.
- Automatic renewals now renews all identities that have credentials
associated with them instead of just the default identity.
- Fixed a bug where error messages did not have a default button which
can be invoked with the return key or the space bar.
- The new credentials window will force itself to the top. This can
be disabled via a registry setting, but is on by default.
- Fixed the sort order in the new credentials tabs to respect sort
hints provided by plug-ins.
- If a new credentials operation fails, the password fields will be
cleared.
- Once a new credentials operation starts, the controls for specifying
the identity and password and any other custom prompts will be
disabled until the operation completes.
- Notifications during the new credentials operation now supply a
handle to the proper data structures as documented.
- Hyperlinks in the new credentials dialog now support markup that
will prevent the dialog from switching to the credentials type panel
when the link is activated.
- If there are too many buttons added by plug-ins in the new
credentials dialog, they will be resized to accomodate all of them.
- The options button in the new credentials dialog will be disabled
while a new credentials operation is in progress.
- The 'about' dialog retains the original copyright strings included
in the resource.
- Multiple modal dialogs are now supported. Only the topmost one will
be active. Once it is closed, the other dialogs will gain focus in
turn. This allows for error messages to be displayed from other
modal dialogs.
- The hypertext window supports italics.
krb4cred.dll (1.1.0.1)
- Fixed a bug where the plug-in would attempt to free a handle twice.
- Fixed a handle leak.
- Changed the facility name used for event reporting to match the
credentials type name.
krb5cred.dll (1.1.0.1)
- Fixed handling of expired passwords. If the password for an
identity is found to have expired at the time a new credentials
acquisition is in progress, the user will be given an opportunity to
change the password. If this is successful, the new credentials
operation will continue with the new password.
- Prevent the new credentials dialog from switching to the Kerberos 5
credentials panel during a password change.
- Prompts that were cached indefinitely will now have a limited
lifetime. Prompt caches that were created using prior versions of
the plug-in will automatically expire.
- Multistrings in the resource files were converted to CSV to protect
them against a bug in Visual Studio 2005 which corrupted
multistrings.
- Added handling of and reporting WinSock errors that are returned
from the Kerberos 5 libraries.
- Fixed uninitialized variables.
- The username and realm that is entered when selecting an identity
will be trimmed of leading and trailing whitespace.
- Changed the facility name used for event reporting to match the
credentials type name.
ticket: new
component: windows
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18604 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/windows/identity/kcreddb')
| -rw-r--r-- | src/windows/identity/kcreddb/attrib.c | 4 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/buf.c | 6 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/credential.c | 10 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/credtype.c | 4 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/identity.c | 13 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/kcreddb.h | 81 | ||||
| -rw-r--r-- | src/windows/identity/kcreddb/type.c | 34 |
7 files changed, 103 insertions, 49 deletions
diff --git a/src/windows/identity/kcreddb/attrib.c b/src/windows/identity/kcreddb/attrib.c index 4e9d7bf34..9c892dafc 100644 --- a/src/windows/identity/kcreddb/attrib.c +++ b/src/windows/identity/kcreddb/attrib.c @@ -500,7 +500,7 @@ kcdb_attrib_exit(void) }
KHMEXP khm_int32 KHMAPI
-kcdb_attrib_get_id(wchar_t *name, khm_int32 * id)
+kcdb_attrib_get_id(const wchar_t *name, khm_int32 * id)
{
kcdb_attrib_i * ai;
@@ -521,7 +521,7 @@ kcdb_attrib_get_id(wchar_t *name, khm_int32 * id) }
KHMEXP khm_int32 KHMAPI
-kcdb_attrib_register(kcdb_attrib * attrib, khm_int32 * new_id)
+kcdb_attrib_register(const kcdb_attrib * attrib, khm_int32 * new_id)
{
kcdb_attrib_i * ai;
size_t cb_name;
diff --git a/src/windows/identity/kcreddb/buf.c b/src/windows/identity/kcreddb/buf.c index 07a65a1b0..6272924e5 100644 --- a/src/windows/identity/kcreddb/buf.c +++ b/src/windows/identity/kcreddb/buf.c @@ -298,7 +298,7 @@ KHMEXP khm_int32 KHMAPI kcdb_buf_get_attr( KHMEXP khm_int32 KHMAPI kcdb_buf_get_attrib(
khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
khm_int32 * attr_type,
void * buffer,
khm_size * pcb_buf)
@@ -328,7 +328,7 @@ KHMEXP khm_int32 KHMAPI kcdb_buf_get_attr_string( KHMEXP khm_int32 KHMAPI kcdb_buf_get_attrib_string(
khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
wchar_t * buffer,
khm_size * pcbbuf,
khm_int32 flags)
@@ -357,7 +357,7 @@ KHMEXP khm_int32 KHMAPI kcdb_buf_set_attr( KHMEXP khm_int32 KHMAPI kcdb_buf_set_attrib(
khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
void * buffer,
khm_size cbbuf)
{
diff --git a/src/windows/identity/kcreddb/credential.c b/src/windows/identity/kcreddb/credential.c index 98854dab4..12b8c5fc5 100644 --- a/src/windows/identity/kcreddb/credential.c +++ b/src/windows/identity/kcreddb/credential.c @@ -60,7 +60,7 @@ void kcdb_cred_exit(void) places with a read lock on l_creds. New credentials must be creatable while
holding either lock. */
KHMEXP khm_int32 KHMAPI
-kcdb_cred_create(wchar_t * name,
+kcdb_cred_create(const wchar_t * name,
khm_handle identity,
khm_int32 cred_type,
khm_handle * result)
@@ -318,7 +318,7 @@ KHMEXP khm_int32 KHMAPI kcdb_cred_get_type( KHMEXP khm_int32 KHMAPI kcdb_cred_set_attrib(
khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
void * buffer,
khm_size cbbuf)
{
@@ -421,7 +421,7 @@ _exit: KHMEXP khm_int32 KHMAPI kcdb_cred_get_attrib(
khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
khm_int32 * attr_type,
void * buffer,
khm_size * cbbuf)
@@ -441,7 +441,7 @@ KHMEXP khm_int32 KHMAPI kcdb_cred_get_attrib( KHMEXP khm_int32 KHMAPI kcdb_cred_get_attrib_string(
khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
wchar_t * buffer,
khm_size * cbbuf,
khm_int32 flags)
@@ -812,7 +812,7 @@ _exit: KHMEXP khm_int32 KHMAPI
kcdb_creds_comp_attrib(khm_handle cred1,
khm_handle cred2,
- wchar_t * name)
+ const wchar_t * name)
{
khm_int32 attr_id;
diff --git a/src/windows/identity/kcreddb/credtype.c b/src/windows/identity/kcreddb/credtype.c index 89e0175f0..89bd26b85 100644 --- a/src/windows/identity/kcreddb/credtype.c +++ b/src/windows/identity/kcreddb/credtype.c @@ -73,7 +73,7 @@ void kcdb_credtype_check_and_delete(khm_int32 id) }
KHMEXP khm_int32 KHMAPI
-kcdb_credtype_register(kcdb_credtype * type, khm_int32 * new_id)
+kcdb_credtype_register(const kcdb_credtype * type, khm_int32 * new_id)
{
khm_int32 id;
kcdb_credtype_i * ict;
@@ -330,7 +330,7 @@ KHMEXP khm_int32 KHMAPI kcdb_credtype_get_name( }
KHMEXP khm_int32 KHMAPI kcdb_credtype_get_id(
- wchar_t * name,
+ const wchar_t * name,
khm_int32 * id)
{
int i;
diff --git a/src/windows/identity/kcreddb/identity.c b/src/windows/identity/kcreddb/identity.c index 07ceb5812..15c36130f 100644 --- a/src/windows/identity/kcreddb/identity.c +++ b/src/windows/identity/kcreddb/identity.c @@ -570,8 +570,8 @@ kcdbint_ident_set_default(khm_handle vid, LeaveCriticalSection(&cs_ident);
- if (invoke_identpro)
- kcdbint_ident_post_message(KCDB_OP_NEW_DEFAULT, new_def);
+ /* if (invoke_identpro) */
+ kcdbint_ident_post_message(KCDB_OP_NEW_DEFAULT, new_def);
} else {
LeaveCriticalSection(&cs_ident);
}
@@ -929,7 +929,7 @@ _exit: KHMEXP khm_int32 KHMAPI
kcdb_identity_set_attrib(khm_handle vid,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
void * buffer,
khm_size cbbuf)
{
@@ -1025,7 +1025,7 @@ _exit: KHMEXP khm_int32 KHMAPI
kcdb_identity_get_attrib(khm_handle vid,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
khm_int32 * attr_type,
void * buffer,
khm_size * pcbbuf)
@@ -1121,9 +1121,8 @@ _exit: }
KHMEXP khm_int32 KHMAPI
-kcdb_identity_get_attrib_string(
- khm_handle vid,
- wchar_t * attr_name,
+kcdb_identity_get_attrib_string(khm_handle vid,
+ const wchar_t * attr_name,
wchar_t * buffer,
khm_size * pcbbuf,
khm_int32 flags)
diff --git a/src/windows/identity/kcreddb/kcreddb.h b/src/windows/identity/kcreddb/kcreddb.h index 33c5d168d..1b5d9b67c 100644 --- a/src/windows/identity/kcreddb/kcreddb.h +++ b/src/windows/identity/kcreddb/kcreddb.h @@ -504,9 +504,7 @@ kcdb_identity_set_default(khm_handle id); to notify the KCDB that the specified identity is the default.
This does not result in the invocation of any other semantics to
make the identity the default other than releasing the previous
- defualt identity and making the specified one the default. As
- an additional side effect, the notification <::KMSG_KCDB,
- ::KMSG_KCDB_IDENT, ::KCDB_OP_NEW_DEFAULT> will also not be sent.
+ defualt identity and making the specified one the default.
*/
KHMEXP khm_int32 KHMAPI
kcdb_identity_set_default_int(khm_handle id);
@@ -640,7 +638,7 @@ kcdb_identity_set_attr(khm_handle identity, */
KHMEXP khm_int32 KHMAPI
kcdb_identity_set_attrib(khm_handle identity,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
void * buffer,
khm_size cbbuf);
@@ -686,7 +684,7 @@ kcdb_identity_get_attr(khm_handle identity, */
KHMEXP khm_int32 KHMAPI
kcdb_identity_get_attrib(khm_handle identity,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
khm_int32 * attr_type,
void * buffer,
khm_size * pcbbuf);
@@ -751,7 +749,7 @@ kcdb_identity_get_attr_string(khm_handle identity, */
KHMEXP khm_int32 KHMAPI
kcdb_identity_get_attrib_string(khm_handle identity,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
wchar_t * buffer,
khm_size * pcbbuf,
khm_int32 flags);
@@ -1611,7 +1609,7 @@ typedef struct tag_kcdb_cred_request { \see kcdb_cred_release()
*/
KHMEXP khm_int32 KHMAPI
-kcdb_cred_create(wchar_t * name,
+kcdb_cred_create(const wchar_t * name,
khm_handle identity,
khm_int32 cred_type,
khm_handle * result);
@@ -1641,13 +1639,18 @@ kcdb_cred_update(khm_handle vdest, /*! \brief Set an attribute in a credential by name
+
+
\param[in] cbbuf Number of bytes of data in \a buffer. The
individual data type handlers may copy in less than this many
- bytes in to the credential.
+ bytes in to the credential. For some data types where the
+ size of the buffer is fixed or can be determined from its
+ contents, you can specify ::KCDB_CBSIZE_AUTO for this
+ parameter.
*/
KHMEXP khm_int32 KHMAPI
kcdb_cred_set_attrib(khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
void * buffer,
khm_size cbbuf);
@@ -1686,7 +1689,7 @@ kcdb_cred_set_attr(khm_handle cred, */
KHMEXP khm_int32 KHMAPI
kcdb_cred_get_attrib(khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
khm_int32 * attr_type,
void * buffer,
khm_size * cbbuf);
@@ -1791,7 +1794,7 @@ kcdb_cred_get_attr_string(khm_handle vcred, */
KHMEXP khm_int32 KHMAPI
kcdb_cred_get_attrib_string(khm_handle cred,
- wchar_t * name,
+ const wchar_t * name,
wchar_t * buffer,
khm_size * cbbuf,
khm_int32 flags) ;
@@ -1904,7 +1907,7 @@ kcdb_cred_delete(khm_handle cred); KHMEXP khm_int32 KHMAPI
kcdb_creds_comp_attrib(khm_handle cred1,
khm_handle cred2,
- wchar_t * name);
+ const wchar_t * name);
/*! \brief Compare an attribute of two credentials by attribute id.
@@ -2219,7 +2222,7 @@ typedef struct tag_kcdb_type { /*@}*/
KHMEXP khm_int32 KHMAPI
-kcdb_type_get_id(wchar_t *name, khm_int32 * id);
+kcdb_type_get_id(const wchar_t *name, khm_int32 * id);
/*! \brief Return the type descriptor for a given type id
@@ -2262,7 +2265,7 @@ kcdb_type_get_name(khm_int32 id, \param[out] new_id Receives the identifier for the credential attribute type.
*/
KHMEXP khm_int32 KHMAPI
-kcdb_type_register(kcdb_type * type,
+kcdb_type_register(const kcdb_type * type,
khm_int32 * new_id);
/*! \brief Unregister a credential attribute type
@@ -2422,12 +2425,48 @@ UnicodeStrToAnsi( char * dest, size_t cbdest, const wchar_t * src); */
#define KCDB_TYPE_ALL KCDB_TYPE_INVALID
+/*! \brief Void
+
+ No data. This is not an actual data type.
+ */
#define KCDB_TYPE_VOID 0
+
+/*! \brief String
+
+ NULL terminated Unicode string. The byte count for a string
+ attribute always includes the terminating NULL.
+ */
#define KCDB_TYPE_STRING 1
+
+/*! \brief Data
+
+ A date/time represented in FILETIME format.
+ */
#define KCDB_TYPE_DATE 2
+
+/*! \brief Interval
+
+ An interval of time represented as the difference between two
+ FILETIME values.
+ */
#define KCDB_TYPE_INTERVAL 3
+
+/*! \brief 32-bit integer
+
+ A 32-bit signed integer.
+ */
#define KCDB_TYPE_INT32 4
+
+/*! \brief 64-bit integer
+
+ A 64-bit integer.
+ */
#define KCDB_TYPE_INT64 5
+
+/*! \brief Raw data
+
+ A raw data buffer.
+ */
#define KCDB_TYPE_DATA 6
#define KCDB_TYPENAME_VOID L"Void"
@@ -2509,7 +2548,7 @@ typedef struct tag_kcdb_attrib { /*! \brief Retrieve the ID of a named attribute */
KHMEXP khm_int32 KHMAPI
-kcdb_attrib_get_id(wchar_t *name,
+kcdb_attrib_get_id(const wchar_t *name,
khm_int32 * id);
/*! \brief Register an attribute
@@ -2518,7 +2557,7 @@ kcdb_attrib_get_id(wchar_t *name, attribute. If the \a id member of the ::kcdb_attrib object is
set to KCDB_ATTR_INVALID, then a unique ID is generated. */
KHMEXP khm_int32 KHMAPI
-kcdb_attrib_register(kcdb_attrib * attrib,
+kcdb_attrib_register(const kcdb_attrib * attrib,
khm_int32 * new_id);
/*! \brief Retrieve the attribute descriptor for an attribute
@@ -2974,7 +3013,7 @@ typedef struct tag_kcdb_credtype { specified is already in use.
*/
KHMEXP khm_int32 KHMAPI
-kcdb_credtype_register(kcdb_credtype * type,
+kcdb_credtype_register(const kcdb_credtype * type,
khm_int32 * new_id);
/*! \brief Return a held reference to a \a kcdb_credtype object describing the credential type.
@@ -3093,7 +3132,7 @@ kcdb_credtype_describe(khm_int32 id, */
KHMEXP khm_int32 KHMAPI
-kcdb_credtype_get_id(wchar_t * name,
+kcdb_credtype_get_id(const wchar_t * name,
khm_int32 * id);
/*@}*/
@@ -3155,7 +3194,7 @@ kcdb_buf_get_attr(khm_handle record, */
KHMEXP khm_int32 KHMAPI
kcdb_buf_get_attrib(khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
khm_int32 * attr_type,
void * buffer,
khm_size * pcb_buf);
@@ -3220,7 +3259,7 @@ kcdb_buf_get_attr_string(khm_handle record, */
KHMEXP khm_int32 KHMAPI
kcdb_buf_get_attrib_string(khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
wchar_t * buffer,
khm_size * pcbbuf,
khm_int32 flags);
@@ -3245,7 +3284,7 @@ kcdb_buf_set_attr(khm_handle record, */
KHMEXP khm_int32 KHMAPI
kcdb_buf_set_attrib(khm_handle record,
- wchar_t * attr_name,
+ const wchar_t * attr_name,
void * buffer,
khm_size cbbuf);
diff --git a/src/windows/identity/kcreddb/type.c b/src/windows/identity/kcreddb/type.c index c1215f583..48630b5fd 100644 --- a/src/windows/identity/kcreddb/type.c +++ b/src/windows/identity/kcreddb/type.c @@ -679,8 +679,11 @@ khm_boolean KHMAPI kcdb_type_data_isValid( const void * d,
khm_size cbd)
{
- /* data is always valid, even if d is NULL */
- return TRUE;
+ /* data is always valid */
+ if (cbd != 0 && d == NULL)
+ return FALSE;
+ else
+ return TRUE;
}
khm_int32 KHMAPI kcdb_type_data_comp(
@@ -689,8 +692,21 @@ khm_int32 KHMAPI kcdb_type_data_comp( const void * d2,
khm_size cbd2)
{
- /* datas can not be compared */
- return 0;
+ khm_size pref;
+ khm_int32 rv = 0;
+
+ pref = min(cbd1, cbd2);
+
+ if (pref == 0)
+ return (cbd1 < cbd2)? -1 : ((cbd1 > cbd2)? 1 : 0);
+
+ rv = memcmp(d1, d2, pref);
+
+ if (rv == 0) {
+ return (cbd1 < cbd2)? -1 : ((cbd1 > cbd2)? 1 : 0);
+ } else {
+ return rv;
+ }
}
khm_int32 KHMAPI kcdb_type_data_dup(
@@ -699,14 +715,14 @@ khm_int32 KHMAPI kcdb_type_data_dup( void * d_dst,
khm_size * cbd_dst)
{
- if(!cbd_dst)
+ if(!cbd_dst || cbd_src == KCDB_CBSIZE_AUTO)
return KHM_ERROR_INVALID_PARAM;
- *cbd_dst = cbd_src;
-
if(!d_dst || *cbd_dst < cbd_src) {
+ *cbd_dst = cbd_src;
return KHM_ERROR_TOO_LONG;
} else {
+ *cbd_dst = cbd_src;
memcpy(d_dst, d_src, cbd_src);
return KHM_ERROR_SUCCESS;
}
@@ -889,7 +905,7 @@ void kcdb_type_check_and_delete(khm_int32 id) LeaveCriticalSection(&cs_type);
}
-KHMEXP khm_int32 KHMAPI kcdb_type_get_id(wchar_t *name, khm_int32 * id)
+KHMEXP khm_int32 KHMAPI kcdb_type_get_id(const wchar_t *name, khm_int32 * id)
{
kcdb_type_i * t;
size_t cbsize;
@@ -968,7 +984,7 @@ KHMEXP khm_int32 KHMAPI kcdb_type_get_name(khm_int32 id, wchar_t * buffer, khm_s return KHM_ERROR_SUCCESS;
}
-KHMEXP khm_int32 KHMAPI kcdb_type_register(kcdb_type * type, khm_int32 * new_id)
+KHMEXP khm_int32 KHMAPI kcdb_type_register(const kcdb_type * type, khm_int32 * new_id)
{
kcdb_type_i *t;
size_t cbsize;
|