| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Replace most calls to krb5_set_error_message with k5_setmsg for
brevity. Leave alone plugin sources where we don't include k5-int.h
(mostly PKINIT).
|
|
|
|
|
|
|
| |
Commit 5f4a4d7d357fedac5feadc65c09ecf487ff98db8 removed the only
unconditional assignment of ret in get_time_offsets, causing the
function to return an uninitialized value if nothing goes wrong.
Initialize ret at declaration time to fix this.
|
|
|
|
|
|
|
| |
Replace the cc_keyring.c credential and principal marshalling
functions with calls to the ccmarshal.c functions. Simplify the
remaining parsing functions (for the index and time offsets) and fold
the resulting code into the calling functions where appropriate.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename functions not to use the krb5_ prefix, and to use the fcc_ or
krcc_ prefixes only for ccache method implementations. Use shorter
function comments and add missing comments in some cases. Remove
forward declarations where they aren't needed. Use native types
(uint16_t, void *, etc.) in preference to Kerberos type wrappers. Use
"ret" as the variable name for krb5_error_code return values. Use 0
instead of KRB5_OK. Make whitespace conform to current practice.
Remove old #if 0 blocks. Don't cast to and from void * or between
integer types when C guarantees an implicit cast. Use literal 2 and 4
for the size of fixed-width 16-bit and 32-bit types.
In cc_file.c, rewrite the header comment to specify the header format
as updated by version 4 and refer to ccmarshal.c for the principal and
credential format. Also add a helper function to return the cache
version as an integer from 1 to 4, allowing more concise version
checks.
|
|
|
|
|
|
|
|
|
|
| |
Move the time offset lookup from krb5_krcc_resolve to make_cache, so
that we fetch time offsets for caches created by
krb5_krcc_ptcursor_next.
ticket: 7820
target_version: 1.12.2
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
| |
If the session keyring matches the user session keyring, write
explicitly to the user session keyring. Otherwise the kernel might
create a new session keyring for the process, making the resulting
cache collection invisible to other processes.
ticket: 7814
target_version: 1.12.1
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
|
| |
When attempting to use a keyring cache that doesn't exist, set an error
message when we fail to read a principal name, as we do when we return
the same error code when using a file ccache.
[ghudson: removed unnecessary check for d->name nullity.]
ticket: 7809
target_version: 1.12.1
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
| |
By setting the timeout based on the credetial's timeout we let the
system automatically cleanup expired credentials.
[ghudson@mit.edu: simplified code slightly]
ticket: 7769 (new)
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The code follows the same model used for the memory ccache type. Time
offsets are stored in each credential cache in a special key just like
the principal name. Legacy session caches do not store timestamps as
legacy code would fail when iterating over the new offset key.
[ghudson@mit.edu: minor formatting changes; note legacy session
exception in commit message]
ticket: 7768 (new)
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When parsing what should be a UID while resolving a KEYRING ccache
name, don't just depend on strtol() to set errno when the residual
that we pass to it can't be parsed as a number. In addition to
checking errno, pass in and check the value of an "endptr".
[ghudson@mit.edu: simplified slightly]
ticket: 7764 (new)
target_version: 1.12
tags: pullup
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for the new anchor names persistent, user, and session.
The persistent anchor attempts to use a persistent keyring for a
specified uid, and falls back to the user keyring if it cannot; the
collection is stored at a fixed name within the persistent or user
keyring. The session anchor uses the session keyring without legacy
semantics.
For all keyring types except legacy, attempt to use the "big_key" key
type on systems which have keyctl_get_persistent. (They are
essentially unrelated features, but were added at the same time.)
This key type is stored in a kernel tmpfs and can store larger
tickets.
Since kernel commit 96b5c8fea6c0861621051290d705ec2e971963f1, new keys
created by add_key() only have VIEW permission for the user, and the
rest of the permissions require "possession," which means there is a
path from the thread, process, or session keyring to the key. For the
user and persistent anchor types, we link the collection into the
process keyring to ensure that we have a possession rights on the
collection.
Adapted from a patch by simo@redhat.com.
ticket: 7711
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Augment the KEYRING ccache type to support collection semantics
similar to those of the DIR type. For keyrings with no anchor prefix,
maintain compatibility with old code by linking the initial primary
cache directly from the session keyring and naming it after the
collection.
See http://k5wiki.kerberos.org/wiki/Projects/Keyring_collection_cache
for more information. Adapted from a patch by simo@redhat.com.
ticket: 7711 (new)
|
|
|
|
|
|
|
|
|
|
| |
Consistently use "cache_name" and "cache_id" to talk about the name
and ID of the keyring containing the cache. In krb5_krcc_resolve, use
"residual" for the residual string as we are no longer using it for
the cache keyring name, and use "anchor_id" for the keyring identified
by the prefix to make it clear that it is not the cache keyring.
Adapted from a patch by simo@redhat.com.
|
|
|
|
|
|
|
|
|
|
| |
If we resolve a KEYRING cache and the key does not exist, wait until
initialize time to create it, to avoid wasting precious kernel memory
on a cache which might not ever be created. Properly error out if
store_cred or start_seq_get is called on an uninitialized cache, as we
would for a FILE cache.
Adapted from a patch by simo@redhat.com.
|
|
|
|
|
|
|
|
|
|
| |
This code can be simplified (and a potential race avoided) by using
keyctl_read_alloc() and letting it allocate the necessary memory.
This also allows to remove a helper function that is not used anymore
as well as make the code more readable. The only penalty is that we
have two allocations instad of one.
[ghudson@mit.edu: trivial simplifications]
|
|
|
|
|
|
|
|
|
| |
numkeys is never really used in the single cache data structure.
Every time a new iteration is started, numkeys is recalculated anyway,
and then only the copy held in the cursor is used. Remove it from the
cache data and keep it only in the cursor.
[ghudson@mit.edu: clarified commit message]
|
|
|
|
|
|
|
| |
This feature was intended to be used by gssd to access users' keyring
credentials, but it was never used.
[ghudson@mit.edu: clarified commit message]
|
|
|
|
|
|
|
|
|
|
|
| |
krb5_cc_get_name() should allow the caller to reconstruct the full
cache name. That is not possible if thread: and process: are omitted
here. (The saved name is not used by anything except
krb5_krcc_get_name, so this change is safe.)
[ghudson@mit.edu: proofread and clarified commit message]
ticket: 7692 (new)
|
|
|
|
|
|
|
|
|
|
| |
Support credentials larger than 4K in cc_keyring.c by calculating the
payload size in one pass, allocating a buffer of precisely the right
size, and then unparsing into that buffer.
[ghudson@mit.edu: squashed two commits; rewrote message; added length
field instead of doing pointer arithmetic on null pointers; used
proper English comments and clarified what code they apply to.]
|
|
|
|
|
|
|
| |
The credential serialization functions do not operate on a ccache, so
do not need it as an argument.
[ghudson@mit.edu: clarified commit message, rewrapped shortened lines]
|
|
|
|
| |
Based on a patch from simo@redhat.com.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Locking and unlocking a non-recursive mutex is a simple memory
operation and should not fail on any reasonable platform with correct
usage. A pthread mutex can return EDEADLK on lock or EPERM on unlock,
or EINVAL if the mutex is uninitialized, but all of these conditions
would reflect serious bugs in the calling code.
Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void
and adjust all call sites. Propagate this change through
k5_cc_mutex_lock and k5_cc_mutex_unlock as well.
|
|
|
|
|
| |
For conciseness, directly use fields of krb5_principal objects instead
of using the accessor macros.
|
|
|
|
|
|
|
|
|
| |
Move internal declarations from k5-int.h to more localized headers
(like int-proto.h) where appropriate. Rename many symbols whose
prototypes were moved to use the k5_ prefix instead of krb5int_.
Remove some unused declarations or move them to the single source file
they were needed in. Remove krb5_creds_compare since it isn't used
any more.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* krb5_cc_get_full_name retrieves the full type:name of a cache.
* krb5_cc_switch makes a cache the primary cache.
* krb5_cc_cache_match searches the collection for a client principal.
* krb5_free_string releases a string (for the krb5_cc_get_full_name
result).
All of these are from Heimdal except for krb5_free_string (Heimdal uses
krb5_xfree).
ticket: 6954
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25155 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
and license comments.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
make reindent
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
casting away const (so as to make this change warning-neutral), and in
unicode source (which we may want to keep in sync with another
source), and krb5_xfree macro (to be handled separately).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21870 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
char* and calls free.
Replace most uses, outside of the LDAP KDB plugin, which doesn't build
on my test system of the moment because of version dependencies. Add
one explicit cast to make the change warning-neutral (under gcc 4.0.1
on Mac OS X 10.5.6).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21812 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
krb5_cc_lock/unlock, krb5_cccol_lock/unlock, krb5_cc_last_change_time, krb5_cccol_last_change_time, krb5_cc_move, and adds pertype cursor support to some cache types
Locking functions work the same as the CCAPI cc_ccache_lock / cc_context_lock functions, though not as read/write locks.
ticket: 6124
status: open
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20743 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
data was released, but the pointer not zeroed. This resulted in
higher level code trying to free it again.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20667 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
it is private to the ccache code. Include cc-int.h where needed, and
update Makefile.in dependencies.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20662 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20658 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
krb5int_random_string should probably only fail on malloc
failure. Test for an error return from the function and cleanup
properly (release mutex, return error instead of using uninitialized
memory).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20655 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
store_16_be. Change krb5_krcc_unparse_int32 to call
krb5_krc_unparse_ui_4 and reduce duplicated code.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20597 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
- adds a function to get ccache keycount
- uses it in two places
- fixes free problem if next_cred fails
- simplifies the clearcache function by using keyctl_clear
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18649 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
buffer overflow for end of list.
Detected with a hacked up version of valgrind to handle keyring syscalls.
krb5_krcc_next_cred: Move initial test if pointing past end of key
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18643 dc483132-0cff-0310-8789-dd5450dbe970
|
|
aclocal.m4: Enable keyring ccache if the header and library are available; no
configure-time option. No error if it's not found.
ccdefname.c: Keep old default of FILE: cache, at least for now.
libkrb5.exports: Don't export krb5_krcc_ops.
ccbase.c: Only initialize krb5int_krcc_mutex if USE_KEYRING_CCACHE; destroy it
in finalization. Define INITIAL_TYPEHEAD macro (for file vs keyring), and use
it for initialization and in krb5int_cc_finalize. Re-enable freeing of
additional registered-type structures.
cc_keyring.c: Avoid calls to com_err from within library.
cc_file.c: Punt change; generate_new is badly broken, and we expect to replace
it with a new API anyways.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18638 dc483132-0cff-0310-8789-dd5450dbe970
|