summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Check for strdup failure. Fix a memory leak in one failure caseKen Raeburn2008-06-271-0/+32
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20488 dc483132-0cff-0310-8789-dd5450dbe970
* misc uninitialized-storage accessesKen Raeburn2008-06-273-3/+5
| | | | | | | | | Fix some miscellaneous uninitialized-storage uses, mainly in unlikely error paths. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20487 dc483132-0cff-0310-8789-dd5450dbe970
* fix ktutil listing with timestampKen Raeburn2008-06-271-1/+2
| | | | | | | | | | ktutil's "list -t" option is supposed to show the timestamp stored in the keytab file. Instead, it shows some random (uninitialized) value, interpreted as a timestamp. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20486 dc483132-0cff-0310-8789-dd5450dbe970
* use-after-free bugsKen Raeburn2008-06-274-6/+4
| | | | | | | | | | | Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485 dc483132-0cff-0310-8789-dd5450dbe970
* When returning an error, don't also pass back an invalid pointerKen Raeburn2008-06-271-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20484 dc483132-0cff-0310-8789-dd5450dbe970
* call kg_delete_lucidctx_id before freeing, not afterKen Raeburn2008-06-271-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20483 dc483132-0cff-0310-8789-dd5450dbe970
* Memory leak, and possible freed-memory dereference, in an error (smallKen Raeburn2008-06-271-1/+1
| | | | | | | | allocation failure) path. ticket: 5997 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20482 dc483132-0cff-0310-8789-dd5450dbe970
* misc memory leaksKen Raeburn2008-06-2710-16/+39
| | | | | | | | | | | | Fix various memory leaks that show up mostly in error cases (e.g., failure to allocate one small object, and then we forget to free another one). ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20481 dc483132-0cff-0310-8789-dd5450dbe970
* fix free of automatic storageKen Raeburn2008-06-271-4/+4
| | | | | | | | | | | Fix a possible free of automatic storage that can happen on an (unlikely) encoding failure. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20480 dc483132-0cff-0310-8789-dd5450dbe970
* Don't do FD_SETSIZE check on Windows.Ken Raeburn2008-06-271-1/+3
| | | | | | | | | | | Also, for form's sake, use closesocket instead of close inside the check. Kevin or Jeff, could you please verify that the code works again? ticket: 5925 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20479 dc483132-0cff-0310-8789-dd5450dbe970
* Fix off-by-one error in range check on file descriptor numberKen Raeburn2008-06-271-1/+1
| | | | | | | ticket: new target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20478 dc483132-0cff-0310-8789-dd5450dbe970
* Fix possible null pointer deref, possible uninit ptr use, possibleKen Raeburn2008-06-271-6/+13
| | | | | | | | | leak in unlikely small-allocation failure case. ticket: new target_version: 1.6.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20477 dc483132-0cff-0310-8789-dd5450dbe970
* Apple PKINIT LKDC supportAlexandra Ellwood2008-06-263-21/+96
| | | | | | | ticket: 5968 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20476 dc483132-0cff-0310-8789-dd5450dbe970
* Rolled back patch because tickets 4495 and 5124 fix this bugAlexandra Ellwood2008-06-251-4/+1
| | | | | | | | in a different way. ticket: 5991 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20474 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_do_preauth_tryagain should check for NULL padataAlexandra Ellwood2008-06-251-1/+4
| | | | | | | | | | Fixed so krb5_do_preauth_tryagain no longer crashes on NULL padata but instead returns an error. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20473 dc483132-0cff-0310-8789-dd5450dbe970
* kadm5_setkey_principal_3 not copying key_data_ver and key_data_kvnoAlexandra Ellwood2008-06-251-0/+2
| | | | | | | | | Added lines to copy these fields. ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20472 dc483132-0cff-0310-8789-dd5450dbe970
* Add new launchd flags to CCacheServer plist fileAlexandra Ellwood2008-06-251-0/+9
| | | | | | | | | | | | | | | | Added LimitLoadToSessionType "Background" to launch the CCacheServer once per user rather than only for GUI sessions. Added ThrottleInterval key to allow the CCacheServer to relaunch frequently. Set CFFIXED_USER_HOME environment variable to prevent the CCacheServer from accessing the user's home directory. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20471 dc483132-0cff-0310-8789-dd5450dbe970
* Bump minor version number. Update dependenciesKen Raeburn2008-06-251-1/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20470 dc483132-0cff-0310-8789-dd5450dbe970
* kdb library now depends on gssrpc; add it to link commandsKen Raeburn2008-06-251-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20469 dc483132-0cff-0310-8789-dd5450dbe970
* Pull in xdr_sizeof from tirpc2.3 (which has the same license as our current ↵Ken Raeburn2008-06-255-0/+171
| | | | | | rpc code) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20468 dc483132-0cff-0310-8789-dd5450dbe970
* Include kdb_log.h for missing prototypes. Declare conv_princ_2db &Ezra Peisach2008-06-241-2/+3
| | | | | | conv_princ_2ulog as static as they are not exported or used outside this file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20466 dc483132-0cff-0310-8789-dd5450dbe970
* Merge from branch sun-ipropKen Raeburn2008-06-2448-188/+5843
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20465 dc483132-0cff-0310-8789-dd5450dbe970
* Suppress some glibc issues found on x86_64Ken Raeburn2008-06-201-0/+69
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20445 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused fileKen Raeburn2008-06-201-86/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20434 dc483132-0cff-0310-8789-dd5450dbe970
* Remove test115 for 'bad client params', no longer appropriateKen Raeburn2008-06-191-104/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20429 dc483132-0cff-0310-8789-dd5450dbe970
* This patch is derived from a patch originally submitted to RTJeffrey Altman2008-06-182-2/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | by: Nik Conwell <nik@bu.edu> krb5_set_real_time() accepts as input the time of the KDC or an application server as a combination of seconds and microseconds. Often it is the case that the time source does not provide the real time with less than one second granularity. Up until this patch such a caller would fill in the microseconds parameter as zero. krb5_set_real_time() would treat the zero microseconds as the actual reported time and compute a microsecond based offset. During a one second window subsequent calls to krb5_set_real_time() would have an ever increasing offset size until the number of seconds is incremented. This in turn produces a side effect in which the microseconds value of the local clock is effectively erased. If there are multiple processes or threads on the same machine each requesting service tickets using the same client principal for the same service principal where the number of seconds reported by the KDC are equivalent, then they will now all create authenticators with exactly the same timestamp. As a result, the authenticating service will detect a replay attack even though the authenticators are actually unique. The replay cache only maintains a tuple of client, server and timestamp. This patch modifies the interpretation of the microseconds parameter. If -1 is specified, the microseconds offset is ignored. ticket: 5924 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20413 dc483132-0cff-0310-8789-dd5450dbe970
* Disable check for invalid client-side admin config parameters in theKen Raeburn2008-06-181-1/+5
| | | | | | | config file. Since KDC configuration parameters can now be put in krb5.conf, this doesn't make sense any more. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20411 dc483132-0cff-0310-8789-dd5450dbe970
* cci_credentials_iterator_release using wrong message IDAlexandra Ellwood2008-06-181-1/+1
| | | | | | ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20410 dc483132-0cff-0310-8789-dd5450dbe970
* Factor out repeated code for looking up string, port, or deltat config paramsKen Raeburn2008-06-111-150/+144
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20395 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build spx.o, since we never enable SPXKen Raeburn2008-06-111-4/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20392 dc483132-0cff-0310-8789-dd5450dbe970
* New target 'undepend' for temporarily removing generated dependency infoKen Raeburn2008-06-111-1/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20390 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-1013-192/+69
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
* Warn against new uses of kadm5_config_params.dbname fieldKen Raeburn2008-06-101-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20384 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of handling of set-but-unused kadm5_config_params.admin_dbnameKen Raeburn2008-06-104-19/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20383 dc483132-0cff-0310-8789-dd5450dbe970
* Remove documentation for no-longer-supported admin_dbname argumentKen Raeburn2008-06-101-6/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20382 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of handling of set-but-unused kadm5_config_params.admin_lockfileKen Raeburn2008-06-104-16/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20381 dc483132-0cff-0310-8789-dd5450dbe970
* Don't check for NULL before calling free or krb5_xfreeKen Raeburn2008-06-091-43/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20379 dc483132-0cff-0310-8789-dd5450dbe970
* Report file name in detailed cache creation errorKen Raeburn2008-06-081-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20371 dc483132-0cff-0310-8789-dd5450dbe970
* Do hash stuff with unsigned mathKen Raeburn2008-06-081-8/+9
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20370 dc483132-0cff-0310-8789-dd5450dbe970
* Annotate that 'protocol' in svc_register means an IPPROTO_ valueKen Raeburn2008-06-061-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20367 dc483132-0cff-0310-8789-dd5450dbe970
* On Mac OS X, try poking launchd to get the portmapper launched beforeKen Raeburn2008-06-061-3/+55
| | | | | | we try to connect to it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20364 dc483132-0cff-0310-8789-dd5450dbe970
* Check for GSS_C_NO_CREDENTIAL before loop checkKen Raeburn2008-06-061-3/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20363 dc483132-0cff-0310-8789-dd5450dbe970
* We're not using this makedepend implementation any moreKen Raeburn2008-06-0410-3026/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20362 dc483132-0cff-0310-8789-dd5450dbe970
* Revert a few const specs to reduce warningsKen Raeburn2008-06-031-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20358 dc483132-0cff-0310-8789-dd5450dbe970
* Fix various minor format-string issuesKen Raeburn2008-06-037-22/+25
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20356 dc483132-0cff-0310-8789-dd5450dbe970
* Passing 0 to krb5_build_principal requires a castKen Raeburn2008-06-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20355 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use 'log' as a global variable nameKen Raeburn2008-06-021-40/+40
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20354 dc483132-0cff-0310-8789-dd5450dbe970
* Explicitly note number as unsigned to shut gcc upKen Raeburn2008-06-021-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20353 dc483132-0cff-0310-8789-dd5450dbe970
* Partial const-ification, as indicated by the modern Tcl API, exceptKen Raeburn2008-06-022-93/+104
| | | | | | for any bits that would require changing the admin APIs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20352 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a few incompatible-pointer warnings that aren't just about signednessKen Raeburn2008-06-025-13/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20351 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-16 06:52:31 +0000