summaryrefslogtreecommitdiffstats
path: root/src/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Change krb5_context.db_context to point to the real structure type,Ken Raeburn2008-06-0211-58/+57
| | | | | | | | and change uses to not cast all the time. Also rename it from db_context to dal_handle, since one of the fields in the pointed-to structure is also called db_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20348 dc483132-0cff-0310-8789-dd5450dbe970
* signed vs unsigned char * warnings in kdb_xdr.cAlexandra Ellwood2008-05-301-6/+6
| | | | | | | | | | | load and store functions in k5-platform.h take an unsigned char *, whereas kdb_xdr.c was using a char * for decoding. This resulted in pages of warnings in the parsing code. Switched to using an unsigned char * and cast in the couple places where a char * is needed. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20343 dc483132-0cff-0310-8789-dd5450dbe970
* Use $(DL_LIB) instead of explicit -ldlKen Raeburn2008-05-191-1/+1
| | | | | | ticket: 5899 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20325 dc483132-0cff-0310-8789-dd5450dbe970
* Properly escape - in kdb5_ldap_util man pageRuss Allbery2008-04-281-55/+55
| | | | | | | | | | | | | | | | The LDAP plugin introduced a new man page which has unescaped hyphens. Unicode-aware groffs may convert those to real hyphens rather than the intended ASCII hyphen. This patch adds backslashes in front of all the bare hyphens that I plus Debian's lintian program could find to force interpretation as ASCII hyphens. Ticket: new Component: krb5-doc Version_Reported: 1.6.3 Target_Version: 1.6.4 Tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20311 dc483132-0cff-0310-8789-dd5450dbe970
* more tests for libdb btree page split on zero indexTom Yu2008-02-073-4/+113
| | | | | | | | | | | | | | | | | | | | Enhance btree debugging output somewhat to limit key printout to the key length if the key is not null-terminated. Add additional test case for the zero-index page split bug; test case can create a corrupted btree database with records unreachable by random access but reachable by sequential access. Requires recompiling with CPPFLAGS='-DDEBUG -DDEBUG_IDX0SPLIT' to correctly model mpool page reuse that would be present in production conditions. (CPPFLAGS=-DDEBUG would otherwise explicitly overwrite the contents of reused pages.) ticket: new target_version: 1.6.4 tags: pullup component: krb5-kdc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20222 dc483132-0cff-0310-8789-dd5450dbe970
* libdb btree page split on zero index corrupts dbTom Yu2008-02-012-4/+54
| | | | | | | | | | | | | | | | | | | | Splitting a btree page on index 0 can corrupt the database if the key length plus data length is exactly a certain value. This certain size causes the item to get the left page to itself, and causes the right page to contain an erroneous additional index "hole" having an uninitialized value. This bug may be one of the remaining causes of unexplained database corruption reported over the years. Shawn Emery provided useful data from actual instances of this corruption. Add a test case for this bug. (Raw libdb test rather than kdb; the latter would be much harder.) ticket: new target_version: 1.6.4 tags: pullup component: krb5-kdc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20214 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-platform.hKen Raeburn2007-11-041-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20163 dc483132-0cff-0310-8789-dd5450dbe970
* Include k5-platform.hKen Raeburn2007-10-301-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20153 dc483132-0cff-0310-8789-dd5450dbe970
* delete unused configure.inTom Yu2007-10-231-19/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20145 dc483132-0cff-0310-8789-dd5450dbe970
* Set close-on-exec flag in most places where file descriptors areKen Raeburn2007-10-2216-186/+198
| | | | | | | | | | | | | | | | | | | | | | | | | | | opened in our libraries (in case another application thread spawns a new process) and in the KDC programs (in case a plugin library spawns a new process). Checked calls to: open fopen THREEPARAMOPEN mkstemp socket accept dup dup2 pipe. In: util lib plugins kdc kadmin/server krb524. The various programs are less critical than the libraries, as any well-written plugin that spawns a new process should close all file descriptors it doesn't need to communicate with the new process. This approach also isn't bulletproof, as the call to set the close-on-exec flag is necessarily a separate call from creating the file descriptor, and the fork call could happen in between them. So plugins should be careful regardless of this patch; it will only reduce the window of potential lossage should a plugin be poorly written. (AFAIK there are currently no plugins that spawn processes where this would be a problem.) Update dependencies. ticket: 5561 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20143 dc483132-0cff-0310-8789-dd5450dbe970
* we're not using changelog files any moreKen Raeburn2007-09-242-49/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19971 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-08-161-14/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19832 dc483132-0cff-0310-8789-dd5450dbe970
* Remove these files that were not intended to be moved onto the trunkKevin Coffman2007-08-062-281/+0
| | | | | | ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19753 dc483132-0cff-0310-8789-dd5450dbe970
* Add PKINIT supportKevin Coffman2007-08-0120-28/+14264
| | | | | | | | | | | | | | | | Pull up PKINIT support onto the trunk. Changes from the version in branch users/coffman/pkinit are: - Update the preauth plugin interface version to avoid conflict with any existing plugins. - Add a pkcs11.h locally to the pkinit code rather than depending on opensc being installed. ticket: new Target_Version: 1.6.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19745 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-07-275-100/+114
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19737 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid unchecked sprintf in some KDC-side programsKen Raeburn2007-07-122-10/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19705 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-07-105-114/+100
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19688 dc483132-0cff-0310-8789-dd5450dbe970
* Fix typo in yesterday's change (u_int_8_t -> u_int8_t)Ken Raeburn2007-06-201-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19609 dc483132-0cff-0310-8789-dd5450dbe970
* Configure libdb2 in top-level configure scriptKen Raeburn2007-06-208-45/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19606 dc483132-0cff-0310-8789-dd5450dbe970
* Add the libdb2 type-existence tests to the top-level configure script.Ken Raeburn2007-06-2012-192/+177
| | | | | | | | | | | Replace the generated header files in db2 with static ones that include autoconf.h and make decisions based on the macros defined there. Omit some tests that test for things we assume now, like "const" working and "size_t" being defined. Update dependencies. The libdb2 configure script now generates no header files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19605 dc483132-0cff-0310-8789-dd5450dbe970
* Use k5-platform.h instead of local configure to find mkstempKen Raeburn2007-06-203-7/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19604 dc483132-0cff-0310-8789-dd5450dbe970
* Add 'make depend' capability, and dependenciesKen Raeburn2007-06-205-0/+186
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19603 dc483132-0cff-0310-8789-dd5450dbe970
* We have code elsewhere that assumes the existence of memmove andKen Raeburn2007-06-206-243/+4
| | | | | | | strerror, and it builds everywhere we care about. So punt the substitute versions and everything else from libdb2/clib. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19602 dc483132-0cff-0310-8789-dd5450dbe970
* Move (BSD-licensed) mkstemp from libdb2 to libkrb5support, and renameKen Raeburn2007-06-204-131/+7
| | | | | | | | | | | | | the function to krb5int_mkstemp. Generate the symbol export list for libkrb5support at build time. Declare krb5int_mkstemp in k5-platform.h. Change cc_file.c to use mkstemp unconditionally. Make libdb2.so (built for testing only) link against the libkrb5support, and use krb5int_mkstemp if mkstemp is not available. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19600 dc483132-0cff-0310-8789-dd5450dbe970
* Configure libkdb_ldap directory at top levelKen Raeburn2007-05-312-38/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19566 dc483132-0cff-0310-8789-dd5450dbe970
* Configure cksum_body and wpse in top-level configure script. (Still don't ↵Ken Raeburn2007-05-316-34/+22
| | | | | | build by default.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19565 dc483132-0cff-0310-8789-dd5450dbe970
* Fix up declarations of some static functions.Ken Raeburn2007-05-232-3/+7
| | | | | | | Now the eDirectory support compiles on Mac OS X 10.4.9 (but doesn't link because "ldap_explode_dn" is not found). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19555 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused fileKen Raeburn2007-05-071-81/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19542 dc483132-0cff-0310-8789-dd5450dbe970
* Remove redundant check for null pointerKen Raeburn2007-04-131-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19462 dc483132-0cff-0310-8789-dd5450dbe970
* Configure db2 plugin directory at top levelKen Raeburn2007-03-252-27/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19277 dc483132-0cff-0310-8789-dd5450dbe970
* Pass the extra library dependency on AIX (is this even still needed??) via a newKen Raeburn2007-03-252-2/+6
| | | | | | variable instead of by updating LIBS at configure time. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19276 dc483132-0cff-0310-8789-dd5450dbe970
* Don't test for stuff not used, used unconditionally, or with feature-test ↵Ken Raeburn2007-03-251-4/+0
| | | | | | macros in k5-int.h available at test time git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19275 dc483132-0cff-0310-8789-dd5450dbe970
* Generate makefiles for two static libs plus the python plugin from the ↵Ken Raeburn2007-03-252-10/+2
| | | | | | top-level configure script git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19270 dc483132-0cff-0310-8789-dd5450dbe970
* Depend on support libraryKen Raeburn2007-03-251-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19268 dc483132-0cff-0310-8789-dd5450dbe970
* Include autoconf.h before testing macros for Python header locationKen Raeburn2007-03-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19267 dc483132-0cff-0310-8789-dd5450dbe970
* Never set krb5_force_static. Instead, set the defaults for buildingKen Raeburn2007-03-251-0/+1
| | | | | | | | | | | | | | | | shared libraries, and allow a Makefile.in to include a new makefile fragment for building private (static, not installed) libraries. Created another makefile fragment to be included to indicate the shared library has no dependencies. (Currently this is the case only for the libdb2 library, which we don't install, but do build for testing.) The way we construct the library dependency search path arguments doesn't work for an empty list on some platforms. Updated Makefile.in to use @libpriv_frag@ and @libnodeps_frag@ as necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19265 dc483132-0cff-0310-8789-dd5450dbe970
* Remove traces of enable_shared, enable_static, enable_profiled, andKen Raeburn2007-03-255-9/+0
| | | | | | | build_dynobj. Hard-code the behavior for shared libraries, no static, no profiled. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19261 dc483132-0cff-0310-8789-dd5450dbe970
* Remove separate KRB5_BUILD_LIBRARY_WITH_DEPS macro, just use KRB5_BUILD_LIBRARYKen Raeburn2007-03-255-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19260 dc483132-0cff-0310-8789-dd5450dbe970
* Depend on kadm5 server library too, now that we use the config_params callsKen Raeburn2007-03-151-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19228 dc483132-0cff-0310-8789-dd5450dbe970
* Unused macro NEG removedKen Raeburn2007-02-261-1/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19183 dc483132-0cff-0310-8789-dd5450dbe970
* Use krb5.h now for kdb errors, not kdb5_err.hKen Raeburn2007-02-012-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19136 dc483132-0cff-0310-8789-dd5450dbe970
* get_init_creds_opt extensibilityTom Yu2007-01-302-1/+55
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r18922@cathode-dark-space: coffman | 2006-12-04 18:30:15 -0500 First cut at making the get_init_creds_opt structure extendable and adding library functions to set options for preauthentication plugins. This does *not* include a compatibility function to work like Heimdal's krb5_get_init_creds_opt_set_pkinit() function. Hopefully, the test code that doesn't belong in kinit.c is obvious. r18929@cathode-dark-space: coffman | 2006-12-07 10:01:20 -0500 Remove extra "user_id" parameter. Add function which duplicates the Heimdal interface (if we can agree on what the matching attribute names should be). r18934@cathode-dark-space: coffman | 2006-12-08 15:28:03 -0500 Update to use the simplified interface for krb5_get_init_creds_opt_set_pa() Add code in kinit to process "-X" options as preauth options and pass them along. r18936@cathode-dark-space: coffman | 2006-12-11 12:04:26 -0500 Move prototypes for get_init_creds_opt_get_pa() and krb5_get_init_creds_opt_free_pa() into the preauth_plugin.h header rather than krb5.hin. ticket: new status: open component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19127 dc483132-0cff-0310-8789-dd5450dbe970
* Remove varargs.h paths, always use stdarg.hKen Raeburn2007-01-201-14/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19088 dc483132-0cff-0310-8789-dd5450dbe970
* crash creating db2 database in non-existent directoryKen Raeburn2007-01-081-18/+15
| | | | | | | | | | | | * kdb_db2.c (krb5_db2_db_create): If the creation of the first database file fails, return the error, instead of attempting to create the second (and using a null pointer as an input string in formatting a filename). Reported by Jeff Blaine. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19038 dc483132-0cff-0310-8789-dd5450dbe970
* * ldap_principal.c (attributes_set): Swap first two elementsKen Raeburn2007-01-032-2/+4
| | | | | | | | | Also add comments indicating that this array and the KDB_*_ATTR macros need to be in sync. ticket: 5260 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19031 dc483132-0cff-0310-8789-dd5450dbe970
* update ldap/Makefile.in for newer autoconf substitution requirementsKen Raeburn2007-01-031-2/+2
| | | | | | | | | | | | | | | | The other makefile.in files have had the makefile-fragment substitution lines updated to not have "#" at the front, because some recent versions of autoconf require that the @-pattern start at the beginning of the line. We missed plugins/kdb/ldap/Makefile.in at the time. Patch from Michael Calmer. ticket: new target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19030 dc483132-0cff-0310-8789-dd5450dbe970
* * Makefile.in (install): Install kdb5_ldap_util.M. Based on patch fromKen Raeburn2007-01-031-0/+1
| | | | | | | | | Michael Calmer. ticket: 3906 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19029 dc483132-0cff-0310-8789-dd5450dbe970
* Some related changes were already in, and I found a couple more to make:Ken Raeburn2006-12-223-13/+18
| | | | | | | | | | | | | | | | | | | | | | | * ldap_realm.c (ldap_filter_correct): Change string argument to char *. Delete length argument, which was always strlen of the string argument, and compute it locally, using size_t instead of (unsigned) int for length-related values. Update all calls. * ldap_realm.h (ldap_filter_correct): Updated declaration. * ldap_misc.c (remove_overlapping_subtrees): Add forward declaration. Make static. (is_principal_in_realm): Change local variable defrealmlen to size_t. (store_tl_data): Change local variable curr to point to unsigned char, since that's what the tl_data_contents array is declared as, and what the STORE16_INT macro is happier with. (krb5_ldap_get_reference_count): Make local variable i unsigned. ticket: 4453 target_version: 1.6 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19009 dc483132-0cff-0310-8789-dd5450dbe970
* Merge r18962 to trunk, with minor tweaks; ready to merge to 1.6 branchKen Raeburn2006-12-201-51/+32
| | | | | | | | | Changes fix up some sample names used, remove some options described from certain commands, and fix filling in man pages. ticket: 5116 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19000 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2006-12-131-17/+25
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18949 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 16:44:14 +0000