summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/ccache/cc_keyring.c
Commit message (Collapse)AuthorAgeFilesLines
* Use k5_setmsgGreg Hudson2014-06-051-6/+5
| | | | | | Replace most calls to krb5_set_error_message with k5_setmsg for brevity. Leave alone plugin sources where we don't include k5-int.h (mostly PKINIT).
* Fix uninitialized variable bug in KEYRING ccacheGreg Hudson2014-05-281-1/+1
| | | | | | | Commit 5f4a4d7d357fedac5feadc65c09ecf487ff98db8 removed the only unconditional assignment of ret in get_time_offsets, causing the function to return an uninitialized value if nothing goes wrong. Initialize ret at declaration time to fix this.
* Use cred marshalling functions in cc_keyring.cGreg Hudson2014-05-171-1039/+56
| | | | | | | Replace the cc_keyring.c credential and principal marshalling functions with calls to the ccmarshal.c functions. Simplify the remaining parsing functions (for the index and time offsets) and fold the resulting code into the calling functions where appropriate.
* Modernize cc_file.c and cc_keyring.cGreg Hudson2014-05-171-1131/+839
| | | | | | | | | | | | | | | | | | | Rename functions not to use the krb5_ prefix, and to use the fcc_ or krcc_ prefixes only for ccache method implementations. Use shorter function comments and add missing comments in some cases. Remove forward declarations where they aren't needed. Use native types (uint16_t, void *, etc.) in preference to Kerberos type wrappers. Use "ret" as the variable name for krb5_error_code return values. Use 0 instead of KRB5_OK. Make whitespace conform to current practice. Remove old #if 0 blocks. Don't cast to and from void * or between integer types when C guarantees an implicit cast. Use literal 2 and 4 for the size of fixed-width 16-bit and 32-bit types. In cc_file.c, rewrite the header comment to specify the header format as updated by version 4 and refer to ccmarshal.c for the principal and credential format. Also add a helper function to return the cache version as an integer from 1 to 4, allowing more concise version checks.
* Get time offsets for all keyring ccachesGreg Hudson2014-01-171-20/+23
| | | | | | | | | | Move the time offset lookup from krb5_krcc_resolve to make_cache, so that we fetch time offsets for caches created by krb5_krcc_ptcursor_next. ticket: 7820 target_version: 1.12.2 tags: pullup
* Work around Linux session keyring write behaviorGreg Hudson2014-01-101-4/+24
| | | | | | | | | | | If the session keyring matches the user session keyring, write explicitly to the user session keyring. Otherwise the kernel might create a new session keyring for the process, making the resulting cache collection invisible to other processes. ticket: 7814 target_version: 1.12.1 tags: pullup
* Set an error message when keyring get_princ failsNalin Dahyabhai2013-12-201-0/+3
| | | | | | | | | | | | When attempting to use a keyring cache that doesn't exist, set an error message when we fail to read a principal name, as we do when we return the same error code when using a file ccache. [ghudson: removed unnecessary check for d->name nullity.] ticket: 7809 target_version: 1.12.1 tags: pullup
* Set expiration time on keys and keyringsSimo Sorce2013-11-151-5/+66
| | | | | | | | | | | By setting the timeout based on the credetial's timeout we let the system automatically cleanup expired credentials. [ghudson@mit.edu: simplified code slightly] ticket: 7769 (new) target_version: 1.12 tags: pullup
* Add support to store time offsets in cc_keyringSimo Sorce2013-11-151-2/+203
| | | | | | | | | | | | | | The code follows the same model used for the memory ccache type. Time offsets are stored in each credential cache in a special key just like the principal name. Legacy session caches do not store timestamps as legacy code would fail when iterating over the new offset key. [ghudson@mit.edu: minor formatting changes; note legacy session exception in commit message] ticket: 7768 (new) target_version: 1.12 tags: pullup
* Catch more strtol() failures when using KEYRINGsNalin Dahyabhai2013-11-121-3/+3
| | | | | | | | | | | | | When parsing what should be a UID while resolving a KEYRING ccache name, don't just depend on strtol() to set errno when the residual that we pass to it can't be parsed as a number. In addition to checking errno, pass in and check the value of an "endptr". [ghudson@mit.edu: simplified slightly] ticket: 7764 (new) target_version: 1.12 tags: pullup
* Support new KEYRING anchor names and big_key keysGreg Hudson2013-10-021-27/+137
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add support for the new anchor names persistent, user, and session. The persistent anchor attempts to use a persistent keyring for a specified uid, and falls back to the user keyring if it cannot; the collection is stored at a fixed name within the persistent or user keyring. The session anchor uses the session keyring without legacy semantics. For all keyring types except legacy, attempt to use the "big_key" key type on systems which have keyctl_get_persistent. (They are essentially unrelated features, but were added at the same time.) This key type is stored in a kernel tmpfs and can store larger tickets. Since kernel commit 96b5c8fea6c0861621051290d705ec2e971963f1, new keys created by add_key() only have VIEW permission for the user, and the rest of the permissions require "possession," which means there is a path from the thread, process, or session keyring to the key. For the user and persistent anchor types, we link the collection into the process keyring to ensure that we have a possession rights on the collection. Adapted from a patch by simo@redhat.com. ticket: 7711
* Add collection support for KEYRING ccache typeGreg Hudson2013-10-021-149/+790
| | | | | | | | | | | | | Augment the KEYRING ccache type to support collection semantics similar to those of the DIR type. For keyrings with no anchor prefix, maintain compatibility with old code by linking the initial primary cache directly from the session keyring and naming it after the collection. See http://k5wiki.kerberos.org/wiki/Projects/Keyring_collection_cache for more information. Adapted from a patch by simo@redhat.com. ticket: 7711 (new)
* Clarify variable names in cc_keyring.cGreg Hudson2013-09-281-56/+55
| | | | | | | | | | Consistently use "cache_name" and "cache_id" to talk about the name and ID of the keyring containing the cache. In krb5_krcc_resolve, use "residual" for the residual string as we are no longer using it for the cache keyring name, and use "anchor_id" for the keyring identified by the prefix to make it clear that it is not the cache keyring. Adapted from a patch by simo@redhat.com.
* Defer KEYRING key creation until initializeGreg Hudson2013-09-281-22/+58
| | | | | | | | | | If we resolve a KEYRING cache and the key does not exist, wait until initialize time to create it, to avoid wasting precious kernel memory on a cache which might not ever be created. Properly error out if store_cred or start_seq_get is called on an uninitialized cache, as we would for a FILE cache. Adapted from a patch by simo@redhat.com.
* Simplify krb5_krcc_start_seq_getSimo Sorce2013-08-191-41/+20
| | | | | | | | | | This code can be simplified (and a potential race avoided) by using keyctl_read_alloc() and letting it allocate the necessary memory. This also allows to remove a helper function that is not used anymore as well as make the code more readable. The only penalty is that we have two allocations instad of one. [ghudson@mit.edu: trivial simplifications]
* Remove unused counter in keyring ccacheSimo Sorce2013-08-161-23/+10
| | | | | | | | | numkeys is never really used in the single cache data structure. Every time a new iteration is started, numkeys is recalculated anyway, and then only the copy held in the cursor is used. Remove it from the cache data and keep it only in the cursor. [ghudson@mit.edu: clarified commit message]
* Remove unused _gssd_keyring_ids_ featureSimo Sorce2013-08-161-85/+3
| | | | | | | This feature was intended to be used by gssd to access users' keyring credentials, but it was never used. [ghudson@mit.edu: clarified commit message]
* Save the full residual for keyring cachesSimo Sorce2013-08-151-1/+1
| | | | | | | | | | | krb5_cc_get_name() should allow the caller to reconstruct the full cache name. That is not possible if thread: and process: are omitted here. (The saved name is not used by anything except krb5_krcc_get_name, so this change is safe.) [ghudson@mit.edu: proofread and clarified commit message] ticket: 7692 (new)
* Use dry-run unparses in keyring ccacheSimo Sorce2013-08-151-40/+78
| | | | | | | | | | Support credentials larger than 4K in cc_keyring.c by calculating the payload size in one pass, allocating a buffer of precisely the right size, and then unparsing into that buffer. [ghudson@mit.edu: squashed two commits; rewrote message; added length field instead of doing pointer arithmetic on null pointers; used proper English comments and clarified what code they apply to.]
* Remove unused function arguments in cc_keyring.cSimo Sorce2013-08-021-172/+149
| | | | | | | The credential serialization functions do not operate on a ccache, so do not need it as an argument. [ghudson@mit.edu: clarified commit message, rewrapped shortened lines]
* Fix leak in krb5_krcc_unparse_cred on errorGreg Hudson2013-08-021-1/+3
| | | | Based on a patch from simo@redhat.com.
* Fix various warningsGreg Hudson2013-06-071-41/+12
|
* Assume mutex locking cannot failGreg Hudson2013-05-141-39/+18
| | | | | | | | | | | | Locking and unlocking a non-recursive mutex is a simple memory operation and should not fail on any reasonable platform with correct usage. A pthread mutex can return EDEADLK on lock or EPERM on unlock, or EINVAL if the mutex is uninitialized, but all of these conditions would reflect serious bugs in the calling code. Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void and adjust all call sites. Propagate this change through k5_cc_mutex_lock and k5_cc_mutex_unlock as well.
* Simplify principal access within libkrb5Greg Hudson2013-04-081-14/+8
| | | | | For conciseness, directly use fields of krb5_principal objects instead of using the accessor macros.
* Move a bunch of stuff out of k5-int.hGreg Hudson2013-03-241-2/+2
| | | | | | | | | Move internal declarations from k5-int.h to more localized headers (like int-proto.h) where appropriate. Rename many symbols whose prototypes were moved to use the k5_ prefix instead of krb5int_. Remove some unused declarations or move them to the single source file they were needed in. Remove krb5_creds_compare since it isn't used any more.
* Add new cache collection APIsGreg Hudson2011-09-051-0/+2
| | | | | | | | | | | | | | | * krb5_cc_get_full_name retrieves the full type:name of a cache. * krb5_cc_switch makes a cache the primary cache. * krb5_cc_cache_match searches the collection for a client principal. * krb5_free_string releases a string (for the krb5_cc_get_full_name result). All of these are from Heimdal except for krb5_free_string (Heimdal uses krb5_xfree). ticket: 6954 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25155 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-091-5/+3
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-311-413/+414
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of casts of free() argument to char*, except where it'sKen Raeburn2009-02-021-3/+3
| | | | | | | | casting away const (so as to make this change warning-neutral), and in unicode source (which we may want to keep in sync with another source), and krb5_xfree macro (to be handled separately). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21870 dc483132-0cff-0310-8789-dd5450dbe970
* Start to phase out krb5_xfree macro, which just casts its argument toKen Raeburn2009-01-281-16/+16
| | | | | | | | | | | char* and calls free. Replace most uses, outside of the LDAP KDB plugin, which doesn't build on my test system of the moment because of version dependencies. Add one explicit cast to make the change warning-neutral (under gcc 4.0.1 on Mac OS X 10.5.6). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21812 dc483132-0cff-0310-8789-dd5450dbe970
* Merge 1.7 work on auxiliary ccache functions necessary for KIM. Adds ↵Justin Anderson2008-09-221-26/+112
| | | | | | | | | | | krb5_cc_lock/unlock, krb5_cccol_lock/unlock, krb5_cc_last_change_time, krb5_cccol_last_change_time, krb5_cc_move, and adds pertype cursor support to some cache types Locking functions work the same as the CCAPI cc_ccache_lock / cc_context_lock functions, though not as read/write locks. ticket: 6124 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20743 dc483132-0cff-0310-8789-dd5450dbe970
* In parsing authorization data, if run out of memory, the authorizationEzra Peisach2008-08-161-2/+5
| | | | | | | data was released, but the pointer not zeroed. This resulted in higher level code trying to free it again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20667 dc483132-0cff-0310-8789-dd5450dbe970
* Move prototype for krb5int_random_string from k5-int.h to cc-int.h asEzra Peisach2008-08-151-1/+1
| | | | | | | it is private to the ccache code. Include cc-int.h where needed, and update Makefile.in dependencies. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20662 dc483132-0cff-0310-8789-dd5450dbe970
* In parsing principal - if run out memory - clean up after ourselves. Ezra Peisach2008-08-141-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20658 dc483132-0cff-0310-8789-dd5450dbe970
* Error return from krb5int_random_string not tested in ccache codeEzra Peisach2008-08-141-1/+7
| | | | | | | | | krb5int_random_string should probably only fail on malloc failure. Test for an error return from the function and cleanup properly (release mutex, return error instead of using uninitialized memory). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20655 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5int_random_string, load_32_be, load_16_be, store_32_be, andKen Raeburn2008-08-021-66/+6
| | | | | | | store_16_be. Change krb5_krcc_unparse_int32 to call krb5_krc_unparse_ui_4 and reduce duplicated code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20597 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Kevin Coffman:Ken Raeburn2006-10-051-44/+35
| | | | | | | | | - adds a function to get ccache keycount - uses it in two places - fixes free problem if next_cred fails - simplifies the clearcache function by using keyctl_clear git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18649 dc483132-0cff-0310-8789-dd5450dbe970
* array before test for pointing at entry with the principal. AvoidsEzra Peisach2006-10-041-4/+8
| | | | | | | | | | buffer overflow for end of list. Detected with a hacked up version of valgrind to handle keyring syscalls. krb5_krcc_next_cred: Move initial test if pointing past end of key git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18643 dc483132-0cff-0310-8789-dd5450dbe970
* Merge Kevin Coffman's keyring ccache branch for Linux, with some modifications:Ken Raeburn2006-10-021-0/+2080
aclocal.m4: Enable keyring ccache if the header and library are available; no configure-time option. No error if it's not found. ccdefname.c: Keep old default of FILE: cache, at least for now. libkrb5.exports: Don't export krb5_krcc_ops. ccbase.c: Only initialize krb5int_krcc_mutex if USE_KEYRING_CCACHE; destroy it in finalization. Define INITIAL_TYPEHEAD macro (for file vs keyring), and use it for initialization and in krb5int_cc_finalize. Re-enable freeing of additional registered-type structures. cc_keyring.c: Avoid calls to com_err from within library. cc_file.c: Punt change; generate_new is badly broken, and we expect to replace it with a new API anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18638 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-06-07 01:42:01 +0000