summaryrefslogtreecommitdiffstats
path: root/src/util
Commit message (Collapse)AuthorAgeFilesLines
...
* Don't output trailing whitespace in depfix.plGreg Hudson2012-12-201-1/+1
| | | | | | | | All of our deps files have a trailing space in the first line, originating from depfix.pl. This space triggers the whitespace checker when generating a new deps file. Get rid of the trailing whitespace in the script; the change will be reflected in the deps files the next time they are regenerated.
* Separate clpreauth and kdcpreauth interfacesGreg Hudson2012-12-192-34/+38
| | | | | | | Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
* Simplify error message retrievalGreg Hudson2012-12-191-85/+37
| | | | | | Eliminate the scratch_buf field of struct error_info and just return a non-localized constant error message if we can't allocate a copy of the real one. Also rely on a conformant strerror().
* Style cleanup for internal error handlingGreg Hudson2012-12-194-78/+84
| | | | | | | Fix style issues in kerrs.c and errors.c. Rename error handling functions to use shorter k5_ prefix. Eliminate an inoperable krb5int_set_error() call in gic_opte_alloc and convert the other call to use krb5_set_error_message().
* Update mkrel for SPHINX_ARGSTom Yu2012-12-121-2/+2
| | | | | | | | | Update mkrel so that it will explicitly set SPHINX_ARGS=-W to make warnings fatal and so that it will work in an unconfigured tree. ticket: 7497 (new) target_version: 1.11 tags: pullup
* Update mkrel for new doc build processTom Yu2012-11-201-1/+4
| | | | | | ticket: 7453 (new) target_version: 1.11 tags: pullup
* Add automated tests for LDAP KDB moduleGreg Hudson2012-11-151-0/+3
| | | | | | | | | | | | | | Add new tests kdbtest.c and t_kdb.py. Together these exercise most of the code in the LDAP back end. kdbtest is also run against the DB2 module, which is mostly redundant with other tests, but does exercise the lockout logic a little more thoroughly than t_lockout.py can. To test the LDAP back end, we look for slapd and ldapadd binaries in the path. The system slapd is sometimes constrained by AppArmor or the like, which we can typically work around by making a copy of the binary. slapd detaches before listening on its server socket (this got better in 2.4.27 but still isn't perfect), so we unfortunately have to use a one-second sleep in the slapd setup.
* Don't save empty cc_config_out in ccacheGreg Hudson2012-10-242-0/+7
| | | | | | | | | | Add an internal json function to make it easier to detect if an object is empty, and use it to avoid creating a ccache config entry for preauth module config data if there isn't any to save. ticket: 7427 (new) target_version: 1.11 tags: pullup
* Improve C style checkingGreg Hudson2012-10-191-22/+34
| | | | | | | | | * Avoid space-before-paren false positives on some function pointer declarations by checking the identifier for simple type names. * Check for space before close parenthesis. * Check (carefully) for asymmetric spaces around binary operators. * Handle nesting when checking for 2+ line flow control bodies. * Check for asymmetric bracing around else statements.
* Make t_iprop.py faster and more robustGreg Hudson2012-10-121-7/+27
| | | | | | | | | | | | | | | Catch SIGUSR1 in iprop-mode kpropd so that we can use it to interrupt sleeps and make kpropd do an iprop request immediately. In k5test.py, add prod_kpropd and read_from_kpropd methods to allow test scripts to send a SIGUSR1 to kpropd and to read its stdout/stderr output; also allow the test script to specify additional arguments when starting kpropd. In t_iprop.py, start kpropd with -d and, instead of sleeping, read kpropd output until we see an indication that kpropd is in sync with the master. To avoid delays, prod kpropd before waiting for sync and after a completed full prop.
* Fix cast regexp in C style checkerGreg Hudson2012-10-111-1/+1
| | | | | | | In check_cast, we want to match cast operators with or without spaces after the closing paren, and then check for spaces after we match. Also, per the comment, we want to match potential cast operators followed by an open paren.
* De-conditionalize Camellia codeGreg Hudson2012-10-091-9/+8
| | | | | | | | | | The Camellia enctypes and cksumtypes have received IANA assignments. Add #defines using those assignments to krb5.h, remove the CAMELLIA conditional, and enable testing code as appropriate. The Camellia draft has not received an RFC number yet, so there is no Doxygen markup for the enctype and cksumtype #defines. That can be added once the RFC number is known.
* Prep k5test.py for iprop (add start_kpropd(), ...)Nicolas Williams2012-10-081-6/+42
| | | | | | | Add a start_kpropd() method to K5Realm and make start_kadmind() use the kadmind -p, -K, and -F options. ticket: 7378
* Add Python scripts to check for C style issuesGreg Hudson2012-10-042-0/+450
| | | | | | | | | | | util/cstyle-file.py checks a file for C style issues and displays line-by-line output. It is not terribly sophisticated, and can probably be improved upon (e.g. by doing an emacs batch-reindent of the file and checking for differences in indentation). util/cstyle.py produces diffs using git, runs the file checker on each modified C source file in each diff, and displays the output lines attribute to the diff.
* Remove some dead Makefile codeBen Kaduk2012-09-252-30/+0
| | | | | FILES is unused in util/{ss,et}/Makefile.in; some other unused variables were nearby.
* Fix typo in util/support/Makefile.inGreg Hudson2012-09-121-1/+1
|
* make dependGreg Hudson2012-09-121-0/+11
|
* Add internal JSON encoding and decoding supportGreg Hudson2012-09-114-2/+1237
| | | | Add JSON support based loosely on Heimdal's heimbase code.
* Add internal base64 encoding and decoding supportGreg Hudson2012-09-113-3/+266
| | | | Add base64 support based on Heimdal's libroken base64 code.
* Define SED in util/verto/Makefile.inGreg Hudson2012-09-061-0/+1
| | | | | | | When the rules from util/k5ev/Makefile.in were moved to util/verto/Makefile.in, the rule to make rename.h was broken on non-gmake makes because the definition of SED wasn't carried over. Define it now.
* Avoid libdl dependencies in bundled libvertoGreg Hudson2012-09-0421-322/+63
| | | | | | | | | | | | | | The upstream libverto depends on dynamic loading and in particular on dladdr(), which is not universal. To avoid this dependency, stub out support for module loading (by replacing module.c) and instead integrate the k5ev module directly into the bundled verto library. This change removes the need to link, include, and invoke libverto differently depending on whether we're using the bundled library; we can always just link with -lverto and call verto_default(). bigredbutton: whitespace ticket: 7351 (new)
* Update bundled libverto to 0.2.5Greg Hudson2012-09-037-63/+363
|
* Try harder not to use clock_gettime in verto-k5evGreg Hudson2012-09-031-1/+2
| | | | | | | | | | | | We already define EV_USE_REALTIME to 0 to avoid the use of clock_gettime() (to avoid depending on librt). But in some build environments libev can detect support for a monotonic clock, which also results in using clock_gettime(). Define EV_USE_MONOTONIC to 0 as well to prevent this. ticket: 7350 (new) target_version: 1.10.4 tags: pullup
* Stop misusing gss_release_buffer in test programsGreg Hudson2012-08-111-3/+3
| | | | | | | Use free() instead of gss_release_buffer() when freeing the locally allocated context_token in the sample gss-server program. Use gssalloc_free() instead of free when freeing buffers in t_kgss_kernel.c (where we can't use gss_release_buffer).
* Remove the UNICODE defines from wshelperAlexey Melnikov2012-07-161-1/+1
| | | | | | | | | | | wshelper is clearly not intended to use unicode: wprintf is used extensively and exclusively to write to char[] buffers and fields in dns structs are used as explicitly ASCII text. Signed-off-by: Alexey Melnikov <aamelnikov@gmail.com> ticket: 7210 (new) tags: pullup
* Use %i, not %s to Tprintf GetLastError()Kevin Wasserman2012-07-161-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7206 (new) tags: pullup
* Allow full ccache name in k5test's K5Realm.klistGreg Hudson2012-07-111-1/+4
|
* Pass the user's CPPFLAGS in ALL_CFLAGSBen Kaduk2012-07-061-1/+1
| | | | | | We need them if any headers we depend on are not in the default search path (e.g., gettext.h). These files are built for 'make check' but not for the normal build.
* Enable all localizations in main functionsBen Kaduk2012-07-061-2/+3
| | | | | | | | | | | | | | | Bite the bullet and pass LC_ALL to setlocale() instead of just LC_MESSAGES. Calls to setlocale() itself were introduced in fabbf9e443459e8c0161c84563690ed70c7f6a61 for ticket 6918, but only for LC_MESSAGES since only localized strings were needed and that was the most conservative option. However, klist, kadmin, and kinit (and perhaps others) would benefit from localized formats for times (i.e., LC_TIME). If potentially localized data is being sent on the wire, that is a bug that should be fixed. No such bugs are found with the current test suite, so we are comfortable enabling LC_ALL at this time. ticket: 7192
* Add krb5_kt_client_default APIGreg Hudson2012-07-021-0/+5
| | | | | | | | | | | | | | | | The default client keytab is intended to be used to automatically acquire initial credentials for client applications. The current hardcoded default is a placeholder, and will likely change before 1.11. Add test framework settings to ensure that a system default client keytab doesn't interfere with tests, and to allow tests to be written to deliberately use the default client keytab. Add documentation about keytabs to the concepts section of the RST docs, and describe the default client keytab there. ticket: 7188 (new)
* Remove orphaned KfM codeGreg Hudson2012-06-211-15/+0
|
* Remove big-endian gss-krb5 supportGreg Hudson2012-06-081-2/+0
| | | | | | | | The big_endian flag in krb5_gss_ctx_id_rec is there for interoperability with a really ancient implementation which we believe is no longer in use. Get rid of it and the code to handle it. ticket: 7166 (new)
* Allow daemon debugging in k5test.pyGreg Hudson2012-06-061-6/+8
| | | | | | | Allow --debug to be used for commands which start daemons, to make it easier to debug startup issues. After debugging a daemon, the script will exit, since the daemon won't be running after the debugging session is over.
* Fix k5test.py hostname canonicalizationGreg Hudson2012-06-051-2/+1
| | | | | | | | | | r25844 (#7124) stopped using AI_ADDRCONFIG when canonicalizing hostnames in sn2princ. So we need to also stop using it in k5test.c's _get_hostname() or we could come up with a different result on a system where forward and reverse resolution via IPv4 and IPv6 produce different results. That in turn causes a t_gssapi.py test (the one using the un-canonicalized hostname) to fail, because libkrb5 looks for a different host principal than k5test.py put in the keytab.
* Remove outdated comment in k5test.pyGreg Hudson2012-06-031-17/+0
|
* Add missing $(LIBS) to some shared librariesTom Yu2012-05-171-1/+1
| | | | | | | | | | Add $(LIBS) to the $(SHLIB_EXPLIBS) for some shared libraries which did not previously include it, which prevented gcov from working properly in some cases. Patch from W. Trevor King. ticket: 7138
* Make mkrel work on non-master branchesTom Yu2012-05-151-3/+4
| | | | | | Appending "--" to the git checkout arguments appears to prevent it from automatically creating a local branch from the remote. Also correct the default git URL and clean up a spurious find warning.
* Update CHANGES file generation for GitTom Yu2012-05-141-1/+1
| | | | Use the correct git log invocation for generating the CHANGES file.
* Convert util/mkrel to use git instead of svnGreg Hudson2012-05-141-26/+15
|
* Clean up a redundant assignment in libprofileGreg Hudson2012-05-131-2/+0
|
* Remove find-missing-eol-prop and fix-eol-propGreg Hudson2012-05-122-21/+0
| | | | | Remove two Subversion-specific scripts which are no longer necessary now that the master repository is in git.
* Add API to interpret changepw result stringsGreg Hudson2012-05-091-0/+1
| | | | | | | | | | | | | Active Directory returns structured policy information in the nominally UTF-8 result string field of a password change reply. Add a new API krb5_chpw_message() to convert a result string into a displayable message, interpreting policy information if present. Patch from stefw@gnome.org with changes. ticket: 7128 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25857 dc483132-0cff-0310-8789-dd5450dbe970
* Try all host keys by default in vfy_incredsGreg Hudson2012-05-031-0/+4
| | | | | | | | | | | | | | | Factor out the core code of krb5_verify_init_creds into a helper, add new helper functions to retrieve the list of unique host principals from a keytab, and make krb5_verify_init_creds drive the helper once per host principal. Augment the test harness and test cases to better test the new behavior. Add a k5test method to retrieve an NFS principal for the test realm for the sake of the new test cases. ticket: 7125 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25845 dc483132-0cff-0310-8789-dd5450dbe970
* Add k5test.py helpers for running kadminGreg Hudson2012-04-261-0/+25
| | | | | | | | Add K5Realm.prep_kadmin() to create a ccache and K5Realm.run_kadmin() to run a kadmin query using it. Modify t_stringattr.py to use these helpers instead of its own. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25826 dc483132-0cff-0310-8789-dd5450dbe970
* Flip the default of start_kadmind in k5test.pyGreg Hudson2012-04-262-5/+5
| | | | | | | Very few Python tests need kadmind, so it makes more sense to have to turn it on than to have to turn it off. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
* Return kinit output in k5test's K5Realm.kinitGreg Hudson2012-04-191-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25816 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid side effects in assert expressionsGreg Hudson2012-03-091-4/+8
| | | | | | | | | | | | asserts may be compiled out with -DNDEBUG, so it's wrong to use an assert expression with an important side effect. (We also have scores of side-effecting asserts in test programs, but those are less important and can be dealt with separately.) ticket: 7105 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25760 dc483132-0cff-0310-8789-dd5450dbe970
* Require IPv6 supportKen Raeburn2012-02-281-11/+0
| | | | | | | | | | | | | | The configure-time options to enable and disable IPv6 support have been deprecated for some time, but the checks for OS support were kept. This removes those checks, and unconditionally compiles in the IPv6 support. There was a configure-time test to see if the macro INET6 needed to be defined in order to enable (visibility of) OS support for IPv6, which was needed on an IRIX system we tested with. That check is retained, but the revised code is untested on IRIX. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25719 dc483132-0cff-0310-8789-dd5450dbe970
* Revert r25669 pending clarification of goals and API reviewTom Yu2012-02-033-71/+2
| | | | | | | New APIs of this sort should be discussed, and the goals motivating the change clarified. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25670 dc483132-0cff-0310-8789-dd5450dbe970
* Added a new trace logging message TRACE_PROFILE_ERR to improve the ↵Zhanna Tsitkov2012-02-033-2/+71
| | | | | | | | | | diagnostics of the potential misconfiguration. Added profile_get_(string/integer/boolean)_nodef functions to the profile library to get the typed values from the configuration files (without setting these values to the defaults). Used TRACE_PROFILE_ERR for the configuration diagnostics in krb5_init_context_profile API. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25669 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-27 14:22:06 +0000