| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace. Where include order was changed, eliminate some
redundant or unnecessary includes.
ticket: 7961
|
| |
|
|
|
|
|
|
| |
Take advantage of the strerror_r portability wrapper to simplify code
using it. Remove unused macros related to strerror_r in
ldap_service_stash.c and plugins.c.
ticket: 7961
|
| |
|
|
|
| |
Fix three mismatched constant names, and properly alphabetize and
columnize the lists of definitions. No functional changes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Per the ASN.1 definition, the KrbKey salt field is optional. Since
1.7, we have been treating it as mandatory in the encoder; since 1.11,
we have been treating it as mandatory in the decoder. Mostly by luck,
we have been encoding a salt type of 0 when key_data_ver is 1, but we
really should not be looking at key_data_type[1] or key_data_length[1]
in this situation. Treat the salt field as optional in the encoder
and decoder. Although the previous commit ensures that we continue to
always encode a salt (without any dangerous assumptions about
krb5_key_data constructors), this change will allow us to decode key
data encoded by 1.6 without salt fields.
This also fixes issue #7918, by properly setting key_data_ver to 2 if
a salt type but no salt value is present. It is difficult to get the
decoder to actually assign 2 to key_data_ver just because the salt
field is there, so take care of that in asn1_decode_sequence_of_keys.
Adjust kdbtest.c to match the new behavior by setting key_data_ver to
2 in both test keys.
ticket: 7919
target_version: 1.12.2
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In the LDAP KDB module, ensure that every krb5_key_data we pass to
asn1_encode_sequence_of_keys includes a salt type, for compatibility
with the decoder in unpatched krb5 1.11 and 1.12.
This is not a behavior change by itself; since 1.7 the encoder has
always included a KrbKey salt field because it erroneously treats that
field as non-optional. (Luckily, the encoded salt always happens to
have salt type 0 because krb5_key_data constructors start with zeroed
memory.) The next commit will fix the encoder and decoder to properly
treat the KrbKey salt field as optional, so we need this change to
ensure that our encodings remain compatible.
Also fix the ASN.1 tests to set key_data_ver correctly for the sample
test key data.
ticket: 7919
|
| |
|
|
|
|
| |
Replace most calls to krb5_set_error_message with k5_setmsg for
brevity. Leave alone plugin sources where we don't include k5-int.h
(mostly PKINIT).
|
| |
|
|
|
|
|
|
|
| |
The LDAP debug level option (#7551) causes a build failure with the
Solaris LDAP library, which does not have LDAP_OPT_DEBUG_LEVEL.
ticket: 7870 (new)
target_version: 1.12.2
tags: pullup
|
| |
|
|
|
|
|
| |
Make unconditional use of <stdint.h> and fixed-width types such as
uint32_t. k5-plugin.h doesn't use any special integer types, so
remove the conditional include block there. Nothing uses
INT64_FMT/UINT64_FMT, so leave those out of k5-platform.h for now.
|
| |
|
|
|
|
|
|
|
|
| |
The built-in word list is not long enough for all of the libdb2 tests
to run properly. Revert d21a86e47a7cda29225013e08d060095b94b2ee7 and
go back to using the system dictionary if we find one. However, omit
any lines from the chosen word list which contain non-alphabetical
characters.
ticket: 7860
|
| |
|
|
|
|
|
|
|
| |
The optimizer in gcc 4.8.1 (but not the current gcc head revision)
breaks the queue.h CIRCLEQ macros, apparently due to an overzealous
strict aliasing deduction. Use TAILQ macros in the libdb2 mpool code
instead.
ticket: 7860
|
| |
|
|
|
|
|
|
|
| |
The system dictionary may contain entries with punctuation, which can
confuse the shell. It's more predictable to always use the word list
from the source tree.
ticket: 7860
status: open
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Start the process of deprecating krb5-send-pr. In practice, it causes
frustration for some users, and free-form email is good enough for
most bug reports.
Continue to install krb5-send-pr for now, but plan to remove it from
the tree in the future, probably replaced by a script that instructs
the user to send email manually.
ticket: 5566
target_version: 1.12.1
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In krb5_ldap_initialize, don't just blat the LDAP error into the
extended message; give an indication of which LDAP operation we were
trying to do and show what parameters we gave to it.
(Also, krb5_set_error_message can handle a null context argument, so
don't bother to check before calling.)
ticket: 7739 (new)
target_version: 1.12
tags: pullup
|
| |
|
|
|
|
|
|
| |
When we allocate space for an array of key_data structures, make sure
we allocate at least one, so we don't spuriously fail on platforms
where malloc(0) returns NULL. Where we use malloc, use k5calloc
instead. Where we use krb5_db_alloc or realloc, just allocate an
extra entry.
|
| |
|
|
|
| |
Wherever we use k5alloc with a multiplication in the size parameter,,
use the new k5calloc helper function instead.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Check return values of read() and write(). Avoid some unsigned
comparisons. Cast a ptrdiff_t value to int for use with %d in a
format string.
[ghudson@mit.edu: rewrap long lines; fix one more warning; commit
message]
|
| |
|
|
|
|
|
|
| |
In a static build, linking dbtest could fail on platforms where libdb2
depends on krb5support (platforms without a native mkstemp). Reported
by Gilles Espinasse <g.esp@free.fr>.
ticket: 7651
|
| |
|
|
|
|
|
|
|
| |
Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make
sure to use DEFINES for local defines (not DEFS). Remove some other
unnecessary makefile content.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Locking and unlocking a non-recursive mutex is a simple memory
operation and should not fail on any reasonable platform with correct
usage. A pthread mutex can return EDEADLK on lock or EPERM on unlock,
or EINVAL if the mutex is uninitialized, but all of these conditions
would reflect serious bugs in the calling code.
Change the k5_mutex_lock and k5_mutex_unlock wrappers to return void
and adjust all call sites. Propagate this change through
k5_cc_mutex_lock and k5_cc_mutex_unlock as well.
|
| |
|
|
|
|
| |
The locking wrapper for audit_as_req used the wrong function
signature, which was harmless but produced a couple of warnings. Fix
it.
|
| |
|
|
|
|
|
| |
If we cannot open the LDAP password file or cannot find the bind DN in
it, include the filename and DN in the error message.
ticket: 7632
|
| |
|
|
|
|
| |
There's no need to check whether the file exists and is readable
before opening it, and setting an extended error message which is just
strerror_r() of the errno value isn't useful.
|
| |
|
|
| |
entry must be initialized before all code which can jump to cleanup.
|
| |
|
|
|
| |
Initialize policy_dn in krb5_ldap_create_password_policy; free values
unconditionally in all ldap_pwd_policy.c cleanup handlers.
|
| | |
|
| |
|
|
|
| |
Initialize policy_dn since we clean it up. Also free it
unconditionally.
|
| |
|
|
|
| |
For easier static analysis, make sure that krb5_decode_princ_entry
always sets *entry_ptr to a valid entry or NULL.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
If db_args is non-null but empty, status could be returned without
being initialized; gcc with optimization correctly warns about this,
causing a build failure. (This bug was introduced by
0b1dc2f93da4c860dd27f1ac997617b712dff383 which was pushed after the
1.11 release branch, so it isn't in any release.)
|
| |
|
|
| |
ticket: 7585
|
| |
|
|
|
|
| |
Rename the krb5int_buf_ family of functions to use the k5_ prefix for
brevity. Reformat some k5buf implementation code to match current
practices.
|
| |
|
|
|
|
| |
Add k5-int.h static functions to duplicate byte ranges, optionally
with a trailing zero byte, and set an error code like k5alloc does.
Use them where they would shorten existing code.
|
| |
|
|
|
|
| |
Make dec_password a static function in ldap_service_stash.c and remove
some impedance mismatch with krb5_ldap_readpassword() by making it
operate on C strings and return a krb5_error_code.
|
| |
|
|
|
|
|
|
| |
The LDAP KDB module has some code to interpret {FILE} values in stash
files, and set the service_cert_path/pass fields in the ldap context.
But there was no code to actually use those values to do client cert
authentication, so it wasn't useful. Remove the partial
implementation.
|
| |
|
|
|
|
| |
Use the oerr parameter to fetch the existing message. Stop handling
oerr == 0, since no call sites were using it. Free the old error
message before returning.
|
| |
|
|
|
|
|
| |
Add a DB option in the LDAP KDB module to turn on debugging messages.
Adapted from a patch by Zoran Pericic <zpericic@inet.hr>.
ticket: 7551 (new)
|
| |
|
|
|
|
|
|
|
|
| |
krb5_ldap_open and krb5_ldap_create contain two large, almost
identical blocks of DB option processing code. Factor it out into a
new function krb5_ldap_parse_db_params in ldap_misc.c, and simplify
the factored-out code. Create a helper function to add server entries
and use it to simplify krb5_ldap_read_server_params as well as DB
option parsing. Since the new DB option helper uses isspace instead
of isblank, we no longer require portability goop for isblank.
|
| |
|
|
|
| |
Mostly this gets rid of the trailing space on line 2 after
bb76891f5386526bdf91bc790c614fc9296cb5fa.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stop using and maintaining the policy_refcnt field, and do not try to
prevent deletion of a policy which is still referenced by principals.
Instead, allow principals to refer to policy names which do not exist
as policy objects; treat those principals as having no associated
policy.
In the kadmin client, warn if addprinc or modprinc tries to reference
a policy which doesn't exist, since the server will no longer error
out in this case.
ticket: 7385
|
| |
|
|
|
|
|
|
|
|
|
| |
populate_krb5_db_entry() performs a subsidiary LDAP search to load the
password policy, which it uses to update the pw_expiration field.
This has some minimal value (it causes pw_expiration values in
principals to auto-update whenever the pw_max_life field of a policy
changes), but it's complicated, expensive, and inconsistent with the
DB2 back end. Get rid of it.
ticket: 7535 (new)
|
| |
|
|
|
|
|
|
|
|
|
| |
Correct three cases where the wrong expression was checked to see if
an allocation function returned null.
[ghudson@mit.edu: commit message, patch splitting]
ticket: 7534
target_version: 1.11.1
tags: pullup
|
| |
|
|
|
|
|
|
|
| |
An error case in __bt_first would deference a null pointer. This is
an old upstream BDB bug. Use a separate variable to hold the result
of mpool_get() until it has been checked. Reported by Nickolai
Zeldovich <nickolai@csail.mit.edu>.
ticket: 7511
|
| |
|
|
|
|
| |
Nothing was using KRB5_KDB_SRV_TYPE_PASSWD, so get rid of it.
(kpasswdd is part of kadmind and interacts with the KDB using
KRB5_KDB_SRV_TYPE_ADMIN.)
|
| | |
|
| |
|
|
|
|
| |
ldap_realm.c had some code intended to handle a
krbTicketPolicyReference from a krbRealmContainer object, but there
wasn't enough of it to ever do anything. Remove it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Outside of krb5_ldap_read_krbcontainer_params and
krb5_ldap_create_krbcontainer, no fields of
krb5_ldap_krbcontainer_params were used except for the DN. There was
code to create a krbTicketPolicyReference attribute (which would fail
because the schema doesn't allow that attribute, and was never
exercised because kdb5_ldap_util would never set the parameter) and to
read fields like max ticket life from the referenced ticket policy,
but those fields were never used.
Eliminate the structure and just store the container DN in
krb5_ldap_context. Continue creating the container object when
creating a realm (by calling krb5_ldap_create_krbcontainer
unconditionally; it now exits successfully if the container already
exists), but don't ever read it.
|
| |
|
|
|
|
| |
krb5_ldap_put_principal contained some conditionals for the case where
entry->princ is NULL, but only after entry->princ was dereferenced
unconditionally. It's not necessary to handle this case, so don't.
|
| | |
|
