summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Delete more stuff for 'clean' and 'distclean' targetsKen Raeburn2007-03-026-6/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19198 dc483132-0cff-0310-8789-dd5450dbe970
* valgrind detects uninitialized (but really unused) bytes in 'queue'Ken Raeburn2007-03-011-0/+6
| | | | | | | | | | | | | | | | | | | | | The gsstest program exports a GSSAPI security context to a blob in memory, writes that memory to a file, and reads it back to use it. Under valgrind, the writing phase triggers a warning about uninitialized storage. The "queue" structure as implemented in generic/util_ordering.c holds an array of values, some of which may never be initialized. As far as I can tell, those uninitialized values are never used before being initialized, either, but valgrind doesn't know that. This patch zaps the structure contents (including the array) before using the queue object. ticket: new target_version: 1.6.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19196 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_cred_from_kdc fails to null terminate the tgt listJeffrey Altman2007-03-011-0/+1
| | | | | | | | | | | | | | | | | | | | | | if the next tgt in a cross-realm traversal cannot be obtained find_nxt_kdc() was calling krb5_free_creds() on the last tgt in the list but was failing to nullify the pointer to the cred that was just freed. if there were no additional tgts obtained, krb5_get_cred_from_kdc() would return a non-NULL terminated cred list to the caller. This would result in a crash when attempting to manipulate the non-existent cred past the end of the list. This commit nullifies the credential pointer in find_nxt_kdc() after the call to krb5_free_creds() ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19195 dc483132-0cff-0310-8789-dd5450dbe970
* Add intalert.h which should have been added as part of Jeffrey Altman2007-02-281-0/+136
| | | | | | | | revision 19189 ticket: 5452 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19191 dc483132-0cff-0310-8789-dd5450dbe970
* Windows - some apps define ssize_t as a preprocessor symbolJeffrey Altman2007-02-281-0/+3
| | | | | | | | ticket: new component: krb5-libs tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19190 dc483132-0cff-0310-8789-dd5450dbe970
* NIM Improved Alert Management Jeffrey Altman2007-02-2862-1582/+5069
| | | | | | | | | | | | This patch implements the new Alert Management functionality. Many improvements to avoid race conditions and improve resource tracking. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19189 dc483132-0cff-0310-8789-dd5450dbe970
* Unused macro NEG removedKen Raeburn2007-02-261-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19183 dc483132-0cff-0310-8789-dd5450dbe970
* When importing a name with a valid (non-null) handle but a zeroKen Raeburn2007-02-241-1/+4
| | | | | | | | | length, set GSS_S_BAD_NAME but not GSS_S_CALL_INACCESSIBLE_READ. ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19172 dc483132-0cff-0310-8789-dd5450dbe970
* If a reflection is detected, zap the message buffer pointer outputKen Raeburn2007-02-241-1/+4
| | | | | | | | | | argument as well as actually freeing the buffer. (Found while using the gsstest option to exercise error conditions.) ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19171 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize "loopback" field in newly allocated name structureKen Raeburn2007-02-221-0/+1
| | | | | | | ticket: 5445 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19170 dc483132-0cff-0310-8789-dd5450dbe970
* Ensure consistancy between prototypes and functionsEzra Peisach2007-02-199-30/+23
| | | | | | | | | | | | I am using an older compiler that is complaining that prototypes do not match the functions they reference. The issue is that a number of prototypes are using "const int foo" while the function is "int foo". From a caller sense it makes no difference - but the compiler is correct they are different. All is now consistant. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19169 dc483132-0cff-0310-8789-dd5450dbe970
* Conditionalize some ipv6 bitsKen Raeburn2007-02-161-1/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19168 dc483132-0cff-0310-8789-dd5450dbe970
* Conditionalize more bits that might not be defined by the OSKen Raeburn2007-02-161-0/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19167 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use struct in6_addr if we don't have IPv6 supportKen Raeburn2007-02-161-0/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19165 dc483132-0cff-0310-8789-dd5450dbe970
* rename krb5_server_decrypt_ticket_keyblock() toTom Yu2007-02-132-5/+6
| | | | | | | | krb5int_server_decrypt_ticket_keyblock() ticket: 5349 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19159 dc483132-0cff-0310-8789-dd5450dbe970
* hack to permit GetEnvironmentVariable usage without requiring getenv() ↵Jeffrey Altman2007-02-121-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | conversion Windows has a major flaw when it comes to the use of getenv/putenv. getenv/putenv do not modify the actual environment of the process. Instead, they modify a copy of the environment block at the time the C Runtime Library was initialized for the current module. In other words, the C Runtime Library environment block for the executable is not the same as the C Runtime Library environment block for the krb5_32.dll library, etc. This results in problems when a process wants to set the default ccache name outside the krb5_context. The krb5_context default ccname disappears when the context is destroyed. gss_acquire_cred() suffers from the creation and destruction of krb5_contexts and therefore the krb5_context default ccname cannot be used to set a default ccname. Instead, the process environment must be used. In order to modify the process environment, SetEnvironmentVariable() must be used. However, this does not result in the C Runtime Library environment blocks being updated. putenv() does not see the definition of "KRB5CCNAME". This patch modifies get_os_ccname() for Windows to check GetEnvironmentVariable() before checking the registry. This hack will work as long as there is no "KRB5CCNAME" variable in the C Runtime Library environment block. The long term solution is to replace all calls to getenv and putenv with GetEnvironmentVariable/SetEnvironmentVariable for Windows. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19154 dc483132-0cff-0310-8789-dd5450dbe970
* In the resolve function - ensure on memory allocation error - Ezra Peisach2007-02-121-3/+6
| | | | | | | | | | deref of null pointer does not happen. Also include kt-int.h for prototypes. ticket: 5411 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19153 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_kt_default_name should take an unsized lengthEzra Peisach2007-02-052-6/+6
| | | | | | | | | | The internal code to krb5_kt_default_name was casting the length to size_t. Change prototype to take an unsigned - which makes sense in how the code uses it. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19144 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_kt_get_type should return const char *. Ezra Peisach2007-02-054-5/+5
| | | | | | | | | | | | The code returns a pointer to static structures. Just to enforce the assumption that users can not change the returned data. Change prototype of krb5_kt_get_type to return const char *. The other changes are to clean up warnings - no change in code - usage assumed const. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19143 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new program to perform various tests on the WRFILE: and MEMORY: keytabsEzra Peisach2007-02-042-8/+461
| | | | | | | | | | I developed this program to test functionality of the MEMORY keytab - which resulted in the numerous fixes that have been committed recently. Tests all functioanlity of keytabs except for krb5_kt_default() and krb5_kt_read_service_key() - although essential functionality tested. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19142 dc483132-0cff-0310-8789-dd5450dbe970
* MEMORY keytab krb5_kt_get_entry sets enctype to 0 if unspecifiedEzra Peisach2007-02-041-10/+10
| | | | | | | | | | | | | If one invokes krb5_kt_get_entry() for a memory keytab w/ an unspecified enctype (i.e. 0) - the returned keytab has it's enctype set to 0 as well. Also - in copying out the found keytab_entry - when a kvno is unspecified, the last match found is used - not the one with the highest vno. This was caused by copying out the variable "entry" and not "match". Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19141 dc483132-0cff-0310-8789-dd5450dbe970
* MEMORY keytab does not copy keytab_entry keyblock contentsEzra Peisach2007-02-041-3/+21
| | | | | | | | | | | | | | | | | In krb5_kt_add_entry: The MEMORY keytab does not make a copy of the keytab_entry keyblock contents - but instead retains a pointer to the incomming one. In krb5_kt_get_entry and krb5_kt_get_next - a pointer to internal keyblock contents memory is returned to the caller - which is subsequently freed when tht caller invokes krb5_free_keytab_entry_contents. Solution is to use krb5_copy_keyblock_contents() instead of simply copying the structure. Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19140 dc483132-0cff-0310-8789-dd5450dbe970
* The default K4 compatibility mode is now none, not preauth. Also documentRuss Allbery2007-02-031-3/+7
| | | | | | | | | | | | that the valid values for v4_mode are the valid arguments to the -4 flag to krb5kdc. Ticket: 2724 Component: krb5-doc Target_Version: 1.6.1 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19139 dc483132-0cff-0310-8789-dd5450dbe970
* Memory leak in new memory keytabEzra Peisach2007-02-031-0/+2
| | | | | | | | | | The memory keytab introduced in ticket 5411 suffers from a memory leak in the Heimdal compatible kt_close() handling and thread destructor in which the cursor->entry is not freed. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19138 dc483132-0cff-0310-8789-dd5450dbe970
* buffer overflow in krb5_kt_get_nameEzra Peisach2007-02-013-3/+3
| | | | | | | | | | | | | | | | | | | | | krb5_kt_get_name() allows the called to specify the size of the buffer to copy the name into. The size must be big enough for the tailing nul character. If one specified a buffer length that is precisely the strlen w/o allowing for the nul - the functions would copy one past the end of the buffer. No code in our tree would be subject this problem - as buffers in use are 1024 or BUFSIZ.... The logic failure was: strlen(p+1) vs. strlen(p)+1 The code is essentially duplicated in the three changed files. Ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19137 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5.h now for kdb errors, not kdb5_err.hKen Raeburn2007-02-012-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19136 dc483132-0cff-0310-8789-dd5450dbe970
* Don't need to initialize error tablesKen Raeburn2007-02-011-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19133 dc483132-0cff-0310-8789-dd5450dbe970
* Don't need to register WRFILE: keytab type, it's already in the compiled-inKen Raeburn2007-02-012-17/+1
| | | | | | list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19132 dc483132-0cff-0310-8789-dd5450dbe970
* Fix merge botches:Tom Yu2007-01-312-12/+30
| | | | | | | | | | | | restore krb5_get_init_creds_opt_set_change_password_prompt() undo accidental reversion of preauth_tryagain change to krb5_get_init_creds() ticket: 5420 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19131 dc483132-0cff-0310-8789-dd5450dbe970
* remove krb5_get_init_creds_opt_set_pkinit() for nowTom Yu2007-01-313-82/+0
| | | | | | | ticket: 5420 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19130 dc483132-0cff-0310-8789-dd5450dbe970
* sort, remove duplicatesKen Raeburn2007-01-301-7/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19129 dc483132-0cff-0310-8789-dd5450dbe970
* update def-check to look at preauth_plugin.hTom Yu2007-01-301-2/+5
| | | | | | | ticket: 5420 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19128 dc483132-0cff-0310-8789-dd5450dbe970
* get_init_creds_opt extensibilityTom Yu2007-01-3015-101/+925
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r18922@cathode-dark-space: coffman | 2006-12-04 18:30:15 -0500 First cut at making the get_init_creds_opt structure extendable and adding library functions to set options for preauthentication plugins. This does *not* include a compatibility function to work like Heimdal's krb5_get_init_creds_opt_set_pkinit() function. Hopefully, the test code that doesn't belong in kinit.c is obvious. r18929@cathode-dark-space: coffman | 2006-12-07 10:01:20 -0500 Remove extra "user_id" parameter. Add function which duplicates the Heimdal interface (if we can agree on what the matching attribute names should be). r18934@cathode-dark-space: coffman | 2006-12-08 15:28:03 -0500 Update to use the simplified interface for krb5_get_init_creds_opt_set_pa() Add code in kinit to process "-X" options as preauth options and pass them along. r18936@cathode-dark-space: coffman | 2006-12-11 12:04:26 -0500 Move prototypes for get_init_creds_opt_get_pa() and krb5_get_init_creds_opt_free_pa() into the preauth_plugin.h header rather than krb5.hin. ticket: new status: open component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19127 dc483132-0cff-0310-8789-dd5450dbe970
* This commit adds a thread safe MEMORY keytab implementation Jeffrey Altman2007-01-305-11/+720
| | | | | | | | | | | | | | | that is compatible with Heimdal 0.7. Each successful resolve returns a handle to a keytab and increases the internal reference count. Each close invalidates the handle and decreases the reference count. When the reference count hits zero, the keytab is destroyed. When a kt_destroy function is added, the automatic destruction after close behavior will be removed. ticket: 5411 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19126 dc483132-0cff-0310-8789-dd5450dbe970
* Conditionalize ssize_t declarationJeffrey Altman2007-01-301-0/+3
| | | | | | ticket: 5419 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19125 dc483132-0cff-0310-8789-dd5450dbe970
* The fix for the command line race conditionsJeffrey Altman2007-01-301-3/+4
| | | | | | | | | broke the ability to cancel and restart the Obtain New Credentials dialog ticket: 5414 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19124 dc483132-0cff-0310-8789-dd5450dbe970
* Microsoft Windows Visual Studio does not define ssize_tJeffrey Altman2007-01-301-0/+8
| | | | | | | | | | | | | | Microsoft defines size_t but not ssize_t. Provide a definition in win-mac.h that follows the style used by Microsoft providing a preprocessor macro SSIZE_T_DEFINED which can be used for conditional definition and testing in case Microsoft decides to add it later. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19123 dc483132-0cff-0310-8789-dd5450dbe970
* KFW: 32-bit builds use the pismere krbv4w32.dll libraryJeffrey Altman2007-01-301-2/+2
| | | | | | | | | | Only the 32-bit builds should use the pismere krbv4w32.dll library. Pismere does not provide 64-bit support. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19122 dc483132-0cff-0310-8789-dd5450dbe970
* sortKen Raeburn2007-01-271-9/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19119 dc483132-0cff-0310-8789-dd5450dbe970
* sortKen Raeburn2007-01-271-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19114 dc483132-0cff-0310-8789-dd5450dbe970
* NIM Bug FixesJeffrey Altman2007-01-246-59/+186
| | | | | | | | | | | | | | | | | | | | Document User Interface Callbacks Fix a race condition when performing renewal actions triggered by command line parameters. When importing credentials, kickoff a renewal after the credentials after the API: ccache is created. Another fix for identity expiration states. This one fixes the behavior of the system tray icon. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19110 dc483132-0cff-0310-8789-dd5450dbe970
* ideas for passing error msg info across kadm5 apiKen Raeburn2007-01-231-0/+59
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19109 dc483132-0cff-0310-8789-dd5450dbe970
* Add const to variable to cleanup warningsEzra Peisach2007-01-231-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19108 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-int.h for krb5_cc_register() prototype. Remove defintion ofEzra Peisach2007-01-231-2/+1
| | | | | | krb5_cc_dfl_ops - as k5-int.h defines. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19107 dc483132-0cff-0310-8789-dd5450dbe970
* Change second argument to krb5_cc_register to take a const krb5_cc_ops *. MakesEzra Peisach2007-01-232-2/+3
| | | | | | | sense - when krb5_Xcc_ops currently defined as such - and assignment of value assumes same. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19106 dc483132-0cff-0310-8789-dd5450dbe970
* gss_krb5int_unseal_token_v3() - change bodysize argument to unsigned -Ezra Peisach2007-01-232-2/+3
| | | | | | | which is consistent with how it is invoked and used. Cleans up two signed/unsigned warnings. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19105 dc483132-0cff-0310-8789-dd5450dbe970
* kt_file.c memory leak on error in krb5_kt_resolve / krb5_kt_wresolveJeffrey Altman2007-01-231-0/+2
| | | | | | | | | | The krb5_kt_resolve and krb5_kt_wresolve functions leak the 'data' memory allocation if the lock cannot be initialized. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19104 dc483132-0cff-0310-8789-dd5450dbe970
* Include fake-addrinfo.h before krb5.h to get proper structure declarationsEzra Peisach2007-01-221-3/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19103 dc483132-0cff-0310-8789-dd5450dbe970
* Only declare cc_fcc_entry if USE_KEYRING_CCACHE is not definedEzra Peisach2007-01-211-0/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19102 dc483132-0cff-0310-8789-dd5450dbe970
* small fixesJeffrey Altman2007-01-202-3/+5
| | | | | | ticket: 5408 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19101 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-03-19 22:13:53 +0000