summaryrefslogtreecommitdiffstats
path: root/src/slave/kprop.c
Commit message (Collapse)AuthorAgeFilesLines
* Avoid deprecated krb5_get_in_tkt_with_keytabBen Kaduk2013-11-041-21/+13
| | | | | | | | | | | | | | | | | | | | | The kprop code has been pretty unloved, and uses some routines that are marked as deprecated (which show up as warnings in the build log). Use the documented replacement for krb5_get_in_tkt_with_keytab, krb5_get_init_creds_keytab, instead. As a bonus, there is no longer a side effect of a credentials cache that needs to be destroyed. The also-deprecated function krb5_get_in_tkt_with_skey was backending to it when no keyblock was passed in; we can unroll the call to krb5_get_init_creds_keytab ourselves as the documented workaround. While here, improve style compliance with regards to cleanup. The setkey test just wants to know whether it can use the key it just put into a keytab to get credentials; as such the recommended krb5_get_init_creds_keytab is quite sufficient. While here, use that interface to request the particular enctype as well, reducing the scope of an XXX comment. ticket: 6366
* Remove last uses of "possibly-insecure" mktemp(3)Ben Kaduk2013-11-041-9/+7
| | | | | | | | | | | | | | | | | | | | Many libc implementations include notations to the linker to generate warnings upon references to mktemp(3), due to its potential for insecure operation. This has been the case for quite some time, as was noted in RT #6199. Our usage of the function has decreased with time, but has not yet disappeared entirely. This commit removes the last few instances from our tree. kprop's credentials never need to hit the disk, so a MEMORY ccache is sufficient (and does not need randomization). store_master_key_list is explicitly putting keys on disk so as to do an atomic rename of the stash file, but since the stash file should be in a root-only directory, we can just use a fixed name for the temporary file. When using this fixed name, we must detect (and error out) if the temporary file already exists; add a test to confirm that we do so. ticket: 1794
* Fix various warningsGreg Hudson2013-06-071-2/+2
|
* Allow using locales when gettext is absentBen Kaduk2012-07-061-0/+1
| | | | | | | | | | | Previously, if configure did not detect dgettext(), we disabled anything that smelled like localization, inadvertently including setlocale(). Now that we use setlocale(LC_ALL, ""), we have localized dates available as well as messages, so we should not disable calls to setlocale() any more. Since the routines from locale.h are only used in a relatively small number of places, just include the header directly in those files and remove it from k5-platform.h.
* Enable all localizations in main functionsBen Kaduk2012-07-061-1/+1
| | | | | | | | | | | | | | | Bite the bullet and pass LC_ALL to setlocale() instead of just LC_MESSAGES. Calls to setlocale() itself were introduced in fabbf9e443459e8c0161c84563690ed70c7f6a61 for ticket 6918, but only for LC_MESSAGES since only localized strings were needed and that was the most conservative option. However, klist, kadmin, and kinit (and perhaps others) would benefit from localized formats for times (i.e., LC_TIME). If potentially localized data is being sent on the wire, that is a bug that should be fixed. No such bugs are found with the current test suite, so we are comfortable enabling LC_ALL at this time. ticket: 7192
* Suppress some gcc uninitialized variable warningsGreg Hudson2012-03-221-2/+3
| | | | | | | | ticket: 7107 gcc 4.6.2 reportedly finds some spurious maybe-uninitialized warnings. Suppress them. Patch from Eray Aslan with some adjustment. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25783 dc483132-0cff-0310-8789-dd5450dbe970
* Always include fake-addrinfo.h when using getaddrinfo and friendsKen Raeburn2011-07-011-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25011 dc483132-0cff-0310-8789-dd5450dbe970
* Use AI_ADDRCONFIG for more efficient getaddrinfoGreg Hudson2011-06-231-0/+1
| | | | | | | | | | | | | | | Add AI_ADDRCONFIG to the hint flags for every invocation of getaddrinfo which wasn't already using it. This is often the default behavior when no hints are specified, but we tend to specify hints a lot, so we have to say it ourselves. AI_ADDRCONFIG causes AAAA lookups to be skipped if the system has no public IPv6 interface addresses, usually saving a couple of DNS queries per getaddrinfo call and allowing DNS caching to be much more effective without the need for negative caching. ticket: 6923 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24978 dc483132-0cff-0310-8789-dd5450dbe970
* Add setlocale() calls to main functionsGreg Hudson2011-06-101-0/+1
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24963 dc483132-0cff-0310-8789-dd5450dbe970
* Mark up strings for translationGreg Hudson2011-06-101-63/+60
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-091-5/+1
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* Handle referral realm in kprop client principalGreg Hudson2010-11-161-3/+17
| | | | | | | | | | | | | | | kprop uses krb5_sname_to_principal() to determine its client principal. If the local hostname cannot be mapped to a realm based on the profile's domain_realm section, krb5_sname_to_principal() will (as of 1.6) return a principal with the referral realm (""), which does not work in a client principal. Handle this by substituting the default realm. ticket: 6819 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24518 dc483132-0cff-0310-8789-dd5450dbe970
* Use getaddrinfo() in kprop and kpropd, and recognize IPv6 addressesGreg Hudson2010-06-111-80/+63
| | | | | | | | | | | | | when setting up krb5_address structures. kpropd still only binds to one socket to avoid the need for a select() loop, so we turn off IPV6_V6ONLY on that socket to ensure that IPv4 connections will still be accepted. Based on a patch from Michael Stapelberg <michael@stapelberg.de>. ticket: 6686 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24134 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate some uses of variables as format strings. Based on a patchGreg Hudson2010-05-031-1/+1
| | | | | | | | from Guillaume Rousse <Guillaume.Rousse@inria.fr>. ticket: 6714 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23963 dc483132-0cff-0310-8789-dd5450dbe970
* Reformat some open-paren issues. Remove kprop.c and kpropd.c fromTom Yu2009-11-061-585/+576
| | | | | | exclusions. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23140 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-311-35/+35
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unnecessary pointer casts in args to free,memcpy,memset,memchr except ↵Ken Raeburn2009-02-021-6/+6
| | | | | | unicode, windows code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21875 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-011-6/+6
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* Use asprintf instead of malloc/strcpy/strcat in many placesGreg Hudson2008-10-201-11/+3
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20901 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-201-2/+1
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* bad free in kpropKen Raeburn2008-08-061-1/+1
| | | | | | | | | | Don't free automatic storage after sending database. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20611 dc483132-0cff-0310-8789-dd5450dbe970
* use-after-free bugsKen Raeburn2008-06-271-2/+2
| | | | | | | | | | | Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485 dc483132-0cff-0310-8789-dd5450dbe970
* Change kprop and kpropd to fall back on port 754 if krb5_prop isn'tRuss Allbery2006-06-131-6/+3
| | | | | | | | | | available via getservbyname rather than failing. Ticket: 3268 Version_Reported: 1.4.2 Component: krb5-misc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18123 dc483132-0cff-0310-8789-dd5450dbe970
* * configure.in: Add KRB5_GETSOCKNAME_ARGS and KRB5_GETPEERNAME_ARGSEzra Peisach2001-12-061-1/+5
| | | | | | | * kprop.c, kpropd.c: Use GETSOCKNAME_ARG3_TYPE and GETPEERNAME_ARG3_TYPE. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14051 dc483132-0cff-0310-8789-dd5450dbe970
* Don't conditionalize prototypes; delete macros supporting it. (Maybe overdone;Ken Raeburn2001-10-101-12/+12
| | | | | | don't worry about restoring them when importing new versions of code.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@13792 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c, kpropd.c: Use krb5_set_principal_realm() instead ofEzra Peisach2000-10-171-6/+12
| | | | | | freeing library generated memory using the internal krb5_xfree(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12769 dc483132-0cff-0310-8789-dd5450dbe970
* * kpropd.c, kprop.c: Ensure size of database sent OTW as 4 bytesEzra Peisach2000-10-141-5/+9
| | | | | | | | | instead of sizeof(int). In the past we assumed that the client and server had the same concept on int size. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12757 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c, kpropd.c: Compiler warning fixes including: notEzra Peisach2000-08-031-80/+105
| | | | | | | | | shadowing global variabls/functions, assignments in conditionals, declaring local functions static. * configure.in: Check for mode_t being defined. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12602 dc483132-0cff-0310-8789-dd5450dbe970
* pullup from 1.2-beta4Ken Raeburn2000-06-301-6/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12472 dc483132-0cff-0310-8789-dd5450dbe970
* copyright notice updates from 1.1 branchKen Raeburn1999-09-241-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@11853 dc483132-0cff-0310-8789-dd5450dbe970
* main returns int, not void. ANSI X3.159-1989Ezra Peisach1998-01-211-1/+1
| | | | | | 2.1.2.2.1 says so, and gcc now warns about it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@10370 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_xfree from the public interfaceRichard Basch1997-02-181-5/+5
| | | | | | | Implement krb5_free_data & krb5_free_data_contents to cleanup krb5_data structures and data contents allocated by the krb5 library. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9904 dc483132-0cff-0310-8789-dd5450dbe970
* Merge V1_0_FREEZE_3 into the mainline. (Note this merge does *not*Theodore Tso1996-12-131-1/+1
| | | | | | include the doc subtree!!) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9632 dc483132-0cff-0310-8789-dd5450dbe970
* Check the error return from krb5_init_context(), and print an errorTheodore Tso1996-11-081-2/+5
| | | | | | message if necessary. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@9345 dc483132-0cff-0310-8789-dd5450dbe970
* fix spelling errorMark Eichin1996-04-091-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7774 dc483132-0cff-0310-8789-dd5450dbe970
* Corrected several memory leaks and unreferenced memory access conditionsRichard Basch1996-03-151-7/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7644 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c: Write a byte to the last-prop file to ensure the fileRichard Basch1996-03-121-0/+1
| | | | | | modtime is updated. Simply opening the file isn't sufficient. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7609 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c: The credentials cache should be destroyed after any errorRichard Basch1996-03-061-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7598 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c: Call krb5_sname_to_principal rather than doing the OS calls.Richard Basch1996-03-051-41/+24
| | | | | | | | | | | | Removed a trailing ; that caused a spurious message to be printed even upon success. * kpropd.c: Call krb5_sname_to_principal rather than doing the OS calls. Open the lock file read-write, as required by POSIX. Downgrade the lock to a shared lock prior to the execution of kdb5_edit (it also tries to place a shared lock on the dump file). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7595 dc483132-0cff-0310-8789-dd5450dbe970
* Always include <fcntl.h> instead of checking for <sys/fcntl.h>Richard Basch1996-01-041-5/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7271 dc483132-0cff-0310-8789-dd5450dbe970
* Pass fds to krb5_lock_file() and krb5_unlock_file()Chris Provenzano1995-08-161-11/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6539 dc483132-0cff-0310-8789-dd5450dbe970
* fix spelling of "canonicalize"Mark Eichin1995-08-161-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6534 dc483132-0cff-0310-8789-dd5450dbe970
* Changes for Macintosh implementationKeith Vetter1995-07-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6229 dc483132-0cff-0310-8789-dd5450dbe970
* changes to accomodate redefinition of krb5_auth_contextTom Yu1995-06-111-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6035 dc483132-0cff-0310-8789-dd5450dbe970
* kprop.M and kpropd.M: Document -P (port) optionEzra Peisach1995-05-201-11/+48
| | | | | | | | | | | | | | kprop.h: Change path to kdb5_edit to reflect current reality. (should be determined by configure....) kpropd.c: use krb5_int32 for over-the-wire length of database Make -s (srvtab) option work. kprop.c: Add support for keytab and port specification Add call to krb5_auth_setaddrs Use krb5_int32 for OTW db length git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5827 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c : Use new calling conventions for krb5_sendauth(),Chris Provenzano1995-03-271-52/+41
| | | | | | | | | krb5_mk_safe(), krb5_rd_safe() and krb5_mk_priv(). * kpropd.c : Use new calling conventions for krb5_recvauth(), krb5_mk_safe(), krb5_rd_safe() and krb5_rd_priv(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5266 dc483132-0cff-0310-8789-dd5450dbe970
* kpropd.c (PRS): Don't bother initializing server_addrs sinceTheodore Tso1995-03-241-11/+1
| | | | | | | | | it's not used. kprop.c (get_tickets): Remove the call to krb5_os_localaddr() since get_in_tkt_XXXX will default appropriately. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5235 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid <krb5/...> includesJohn Gilmore1995-02-281-9/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5017 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c Call krb5_sendauth() with new calling conventionChris Provenzano1995-02-231-25/+31
| | | | | | | * kprop.c (kerberos_authenticate()), (xmit_database()), cleaned up to not use globals. Instead use krb5_creds * args. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4994 dc483132-0cff-0310-8789-dd5450dbe970
* * kprop.c Use krb5_get_in_tkt_with_keytab() instead ofChris Provenzano1995-02-081-4/+2
| | | | | | krb5_get_in_tkt_with_skey(). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4923 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-26 02:47:55 +0000