summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* NIM: do not permit resizing of filler columnsJeffrey Altman2007-08-241-1/+2
| | | | | | | | | | | | | | | | | | | | | | The credentials display of Network Identity Manager allows the user to change the order and size of the displayed columns. However, some columns are not resizable. An oversight in the earlier code allowed the user to change the size of "filler" columns. These columns are sized to fill up the remainder of the display area after the other columns have been allocated. Their width is determined by the size of the credentials display and the width of the other columns. They are used in the basic view where the only columns are the flags column (fixed width) and the identity column (filler). This patch prevents the "filler" columns (columns with the KHUI_CW_COL_FILLER flag) from being resized. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19858 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: Cannot cancel timers which have inserted a WM_TIMER message into the queueJeffrey Altman2007-08-241-5/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The credentials view in Network Identity Manager displays several user interface elements that need to be updated periodically such as any fields that denote the time remaining for a credential or an identity, or an icon and coloring used to indicate the expiration state. When the display rows are computed, the credentials view creates a set of timers that reference each row that times out when that row needs to be redrawn. Since the rows change when switching views or when the outline is recomputed, all the timers are canceled and re-scheduled. However, a race conditions exists where the timer times-out before it is canceled, in which case a WM_TIMER message is placed in the credential window's message queue. Windows does not support canceling a timer that has already fired and has been placed on the message queue. By the time the WM_TIMER message is received by the window, the rows of the display would have been recomputed and the row that the message references may not be what it intended to reference. A spurious WM_TIMER message is harmless when it refers to a row corresponding to a credential. However, the existing code assumed that if a timer event is received that referred to an outline row, then that outline must be an expanded view of an identity, which is currently the only type of outline row that receives timers. This assumption does not always hold in the case of a spurious WM_TIMER message and may lead to the code attempting to use the outline data as a handle to an identity. The patch fixes the problem by checking if the row is actually an expanded view of an identity and ignoring the message if it is not. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19857 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: Context menu selection issuesJeffrey Altman2007-08-241-15/+40
| | | | | | | | | | | | | | | | | | | | | | | | The handler for WM_CONTEXTMENU in the credentials view of Network Identity Manager assumed that the context menu was invoked using the mouse. If it was, then the message parameters would specify the x and y co-ordinates of the mouse. The context menu can also be invoked via the keyboard, in which case the x- and y- coordinates are set to (-1,-1). An additional problem with the code is that it was not selecting the row that was right-clicked on if it was not already selected. This results in the some of the commands on the context menu targetting credentials that the user didn't intend to target. This patch adds support for handling the context menu when it is invoked via the keyboard and also sets the selection to the row that was right-clicked if the user invokes the context menu using the mouse. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19856 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: Color SchemasJeffrey Altman2007-08-243-248/+365
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The default color scheme used by the Network Identity Manager credentials display can sometimes cause the text to be difficult to read. In addition, since some of the colors are derived from colors used by the current Windows theme, the selection, window background and text colors may be mismatched with the colors that are hardcoded into the application. To rememdy this problem, this patch defines a new set of colors that will be used with the credentials display. The new scheme doesn't use a special color to distinguish the default identity which is already indicated with the text "(Default)" displayed alongside it. Instead the colors are used to denote the remaining lifetime of credentials and identities. Also, the color scheme defines all the colors that it uses instead of deriving some of them from the Windows color scheme. All the color information is now kept in the Network Identity Manager UI schema. The schema automatically maps to the registry, so users (and deployers) can override the colors by creating the necessary registry keys and values. The registry keys containing color information are: Software\MIT\NetIDMgr\CredWindow\Themes and Software\MIT\NetIDMgr\CredWindow\Themes\Default The "Default" key contains the default color scheme. The color value names are defined in ui\uiconfig.csv under Themes\_Schema configuration subspace. Each color is represented by a 32-bit number. The low-order 24 bits contain a COLORREF value. The high-order 8 bits contain an alpha value which, if non-zero, will be used to blend the color with the selection color (color value named ClrSelection). ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19855 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: New command-line options --hide and --show / new command-line help dialogJeffrey Altman2007-08-249-925/+1145
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Add two command-line options to the Network Identity Manager application: --hide : If there is already an instance of Network Identity Manager running in the user's session, this will cause the main window of that instance to be hidden. --show : Unhides the main window of the running instance. If no options are specified when starting netidmgr.exe while another instance is running, the running instance will perform the default action as configured in the user's preferences. By default, this will be to show the main window. The message box that displayed the command-line options if an invalid option is specified has been replaced with a dialog box that shows the options in a more readable rich text control. The contents of the control are specified in ui/lang/<lang>/cmdline.rtf. Do not edit cmdline.rtf with Microsoft Word. The output of Word is incompatible with the RichEdit20 component. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19854 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: Identity Configuration Panel FixesJeffrey Altman2007-08-241-8/+48
| | | | | | | | | | | | | | | | | | | | | | | | | In the identity configuration panel of Network Identity Manager, the user can specify a new identity which can then be configured. The existing code didn't check if the identity specified by the user already exists. The patch adds the check. If the identity already exists, the user is notified as such. Another bug prevented the user from configuring an identity that was added back in following the deletion of the same identity during the same session. The deleted status of the identity was not reset when it was added back. Additionally, this patch adds code that has already been added to the new credentials dialog to apply Windows XP theme textures to the child dialogs used as tab panels in the configuration dialog. Child dialogs don't automatically adjust the theme settings based on whether it is nested inside a tab control. The theme must be applied manually. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19853 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: resource leak in khui_action_trigger()Jeffrey Altman2007-08-241-0/+1
| | | | | | | | | | | | | | | | | | The khui_action_trigger() function in the Network Identity Manager API creates a copy of the current user interface context (which contains information about the credentials and identities that are currently selected) before triggering the requested action. Then it will use the copy to restore the user interface context to its previous state. A coding error results in the copy of the context to never be released. As a result there is a resource leak. The attached patch fixes the leak by releasing the context once it is no longer needed. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19852 dc483132-0cff-0310-8789-dd5450dbe970
* no unistd.h on WindowsJeffrey Altman2007-08-241-0/+2
| | | | | | | | do not include unistd.h on Windows because it doesn't exist ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19851 dc483132-0cff-0310-8789-dd5450dbe970
* cleanup src/lib/gssapi/krb5/error_map.h on WindowsJeffrey Altman2007-08-241-0/+2
| | | | | | | | during 'clean' delete the generated file error_map.h ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19850 dc483132-0cff-0310-8789-dd5450dbe970
* Add documentation for CCAPIAlexandra Ellwood2007-08-231-128/+1161
| | | | | | | | | Added Doxygen-based documentation to CredentialsCache.h and checked in a copy of the html output of that documentation. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19849 dc483132-0cff-0310-8789-dd5450dbe970
* Use -Wno-format-zero-length if GCC version supports itKen Raeburn2007-08-231-0/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19848 dc483132-0cff-0310-8789-dd5450dbe970
* Added errmap.h to the generate-files-mac targetAlexandra Ellwood2007-08-201-1/+1
| | | | | | ticket: 5654 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19846 dc483132-0cff-0310-8789-dd5450dbe970
* read_entropy_from_device on partial read will not fill bufferEzra Peisach2007-08-201-4/+6
| | | | | | | | | | | | | | | read_entropy_from_device() will loop in read until the desired number of bytes are read from the device (/dev/random, /dev/urandom). I have observed that for /dev/random, if there is not enough bits available for reading - it will return a partial read. The code would loop in this case, but never advance the location to place the new bytes - hence the start of the buffer would be filled again - leaving the tail end as stack garbage. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19845 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-08-1648-1731/+1897
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19832 dc483132-0cff-0310-8789-dd5450dbe970
* remap mechanism-specific status codes in mechglue/spnegoKen Raeburn2007-08-1643-96/+1191
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch creates a mapping in the mechglue/spnego code to modify mechanism status codes when passing them back to the application, so that mechglue's display_status dispatcher can determine the correct mechanism to dispatch to. This is part of the "get enhanced error messages from gssapi applications" project; ticket 5590 has updates to the Kerberos 5 mechanism to extract enhanced error messages (when there are any) from the Kerberos library. util/gen.pl, util/t_*.pm: New code generation script and templates. lib/gssapi/generic: Add a new, global mapping that enumerates the {mechOID,status} pairs as they're seen, allowing a magic mechOID value to indicate com_err error codes from mechglue and spnego, and reserving status code 0 for unknown errors. Preload the Kerberos "wrong principal" error code once for each mechanism OID used for Kerberos, so the entries get fixed positions (1-3) in the table. lib/gssapi/gss_libinit.c: Call the initializer and destructor functions. lib/gssapi/mechglue, lib/gssapi/spnego: Enter all mechanism-generated or locally-generated status codes into the mapping table, and return the table index to the application. Do the reverse in display_status, to get the messages from the mechanism.. lib/rpc: Define new function gssrpcint_printf to use for debugging instead of printf, to redirect output away from dejagnu; add a couple more debugging calls. Check for minor status codes 1-3 now instead of KRB5KRB_AP_WRONG_PRINC. tests/dejagnu/krb-standalone/gssftp.exp: Test getting more detailed error messages back, by having the ftp client attempt to authenticate to a non-existent service, and examining the error message for the service principal name. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19831 dc483132-0cff-0310-8789-dd5450dbe970
* (krb5_gss_internal_release_oid): Always clear *minor_statusKen Raeburn2007-08-161-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19830 dc483132-0cff-0310-8789-dd5450dbe970
* Only do fake-install in pkinit if building pkinitKen Raeburn2007-08-161-1/+3
| | | | | | ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19829 dc483132-0cff-0310-8789-dd5450dbe970
* Change prototype for g_token_size to match function declaration laterEzra Peisach2007-08-161-1/+1
| | | | | | | | | | in file. (OM_Uint32 changed to unsigned int). On a 64 bit architecture, they are different. ticket: 5581 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19828 dc483132-0cff-0310-8789-dd5450dbe970
* compilation failure with IRIX native compilerEzra Peisach2007-08-161-1/+1
| | | | | | | | | gss_release_buffer takes OM_uint32* as an argument, not OM_uint32. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19827 dc483132-0cff-0310-8789-dd5450dbe970
* sprintf conversion to snprintf in r19703 introduced some signed/unsignedEzra Peisach2007-08-152-4/+4
| | | | | | warnings. Cleanup. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19823 dc483132-0cff-0310-8789-dd5450dbe970
* t_ser should no longer use kdb librariesEzra Peisach2007-08-142-4/+2
| | | | | | | | | | Remove the call to krb5_db_fini() - as rest of the db code was pulled during DAL integration. This removes dependency on db libraries - alter Makefile.in. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19822 dc483132-0cff-0310-8789-dd5450dbe970
* Free memory leak in do_test() from asprintf integrationEzra Peisach2007-08-141-0/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19821 dc483132-0cff-0310-8789-dd5450dbe970
* remove inadvertent commit of symbols temporarily exported in Jeffrey Altman2007-08-141-9/+0
| | | | | | | | a sandbox to permit building of pkinit code on Windows. ticket: 5645 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19819 dc483132-0cff-0310-8789-dd5450dbe970
* export krb5_get_profileJeffrey Altman2007-08-111-2/+10
| | | | | | | | | | Export krb5_get_profile. Remove comment saying it should be added and just do it. ticket: new tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19818 dc483132-0cff-0310-8789-dd5450dbe970
* Simulate changing views when the REFRESH action is run and when credentials ↵Kevin Koch2007-08-101-0/+3
| | | | | | | | | | | | | | | | | are updated. This makes the symptoms go away but does not solve whatever the underlying problem is. I missed this change yesterday. This should be added to kfw-3_2_1-beta2. Ticket: 5604 Tags: pullup Target_Version: 1.6.3 Tags: Pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19813 dc483132-0cff-0310-8789-dd5450dbe970
* need more dylib_file specs for darwinKen Raeburn2007-08-091-2/+5
| | | | | | | | | | | | | | | | | | Currently the KDB LDAP plugin won't build on Mac OS X 10.4 if a tree hasn't been previously installed, because it can't find the libraries that we haven't installed yet. (Finding earlier versions isn't sufficient, if symbols are needed that are not present in the installed versions.) Add -dylib_file specs for libkadm5srv and libkdb to LDCOMBINE, in addition to libkrb5support that was already there. Unfortunately, this makes shlib.conf dependent on more library version numbers. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19771 dc483132-0cff-0310-8789-dd5450dbe970
* Simulate changing views when the REFRESH action is run and when credentials ↵Kevin Koch2007-08-092-0/+3
| | | | | | | | | | | | are updated This makes the symptoms go away but does not solve whatever the underlying problem is. Ticket: 5604 Tags: pullup Target_Version: 1.6.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19770 dc483132-0cff-0310-8789-dd5450dbe970
* Control watermark display with registry entry; document the registry entryKevin Koch2007-08-092-1/+7
| | | | | | | | Ticket: 5609 Tags: pullup Target_Version: 1.6.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19769 dc483132-0cff-0310-8789-dd5450dbe970
* The background color is changed to COLOR_WINDOWKevin Koch2007-08-091-1/+1
| | | | | | | | Ticket: 5607 Tags: pullup Target_Version: 1.6.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19768 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of some old SunOS 4 config stuffKen Raeburn2007-08-083-23/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19762 dc483132-0cff-0310-8789-dd5450dbe970
* Patch developed by kpkoch with style changes from jaltmanJeffrey Altman2007-08-081-40/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The size/position of the main application window is internally updated in response to WM_MOVE messages but is only written to the registry after a timeout period. This is done due to the large number of WM_MOVE messages that can be delivered during a windows drag / resize operation involving the user or explorer shell's tile and cascade operations. (or those involving third party desktop managers.) In NIM 1.8 two different application view modes (standard and advanced) replaced the single view mode in previous releases. The size/position update logic was not modified to take into consideration the possibility that a user might move/resize the window and then quickly toggle modes before the new location or size were recorded to the registry. This change ensures that when a mode change occurs, via a call to khm_set_main_window_mode(), that the current location/size will be written to the registry and any outstanding timer, MW_RESIZE_TIMER, will be cleared. The logic to save the location/size has been extracted into the new static function main_wnd_save_sizepos(). main_wnd_save_sizepos() is only called after the application window has been created. ticket: 5613 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19760 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_preauth_context ftable should be Jeffrey Altman2007-08-081-1/+1
| | | | | | | | | | struct krb5plugin_preauth_client_ftable_v1 * instead of struct krb5plugin_preauth_client_ftable_v0 * ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19759 dc483132-0cff-0310-8789-dd5450dbe970
* Only build pkinit plugin if a sufficiently recent version of OpenSSL is ↵Ken Raeburn2007-08-081-1/+10
| | | | | | | | available ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19758 dc483132-0cff-0310-8789-dd5450dbe970
* Release mechtok_out in spnego_gss_init_sec_context.Tom Yu2007-08-071-0/+1
| | | | | | | | | | | Reported by Markus Moeller. ticket: 5629 version_reported: 1.6.1 target_version: 1.6.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19757 dc483132-0cff-0310-8789-dd5450dbe970
* missing commaJeffrey Altman2007-08-061-2/+3
| | | | | | | | | | The pkinit additions in revision 18973 left out a comma after the last function in the list. This caused builds that did not define DESIGNATED_INITIALIZERS to break. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19755 dc483132-0cff-0310-8789-dd5450dbe970
* KRB5_CALLCONV must be specified inside parens Jeffrey Altman2007-08-061-1/+1
| | | | | | | | | | | When declaring a function pointer, the function type modifiers must be inside the parentheses. return-type (modifers * function-name) (parameters) ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19754 dc483132-0cff-0310-8789-dd5450dbe970
* Remove these files that were not intended to be moved onto the trunkKevin Coffman2007-08-062-281/+0
| | | | | | ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19753 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_fcc_generate_new() doesn't work with mkstemp()Tom Yu2007-08-041-46/+44
| | | | | | | | | | | | | | If mkstemp() is available, the new ccache file gets created but the subsequent open(O_CREAT|O_EXCL) call fails because the file was already created by mkstemp(). Apply patch from Apple to keep the file descriptor open. ticket: new tags: pullup target_version: 1.6.3 component: krb5-libs git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19749 dc483132-0cff-0310-8789-dd5450dbe970
* Based on Apple's patch, during the referrals loop, check to see if theTom Yu2007-08-031-65/+95
| | | | | | | | | | | session key enctype of a returned credential for the final service is among the enctypes explicitly selected by the application, and retry with old_use_conf_ktypes if it is not. ticket: 4950 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19748 dc483132-0cff-0310-8789-dd5450dbe970
* NIM: apply does not update saved values of general identities cfg pageJeffrey Altman2007-08-031-3/+3
| | | | | | | | | | | | | | The general identities configuration panel failed to update the saved values of the DefaultMonitor, DefaultAllowAutoRenew, and DefaultSticky options after the "Apply" button was pressed. This resulted in the subsequent value changed states being incorrect. This patch saves the values. ticket: new component: windows git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19747 dc483132-0cff-0310-8789-dd5450dbe970
* Add internal prototype for krb5_preauth_supply_preauth_data(). Clean up Ezra Peisach2007-08-034-492/+521
| | | | | | | | some shadow variable warnings, make depend... ticket: 5617 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19746 dc483132-0cff-0310-8789-dd5450dbe970
* Add PKINIT supportKevin Coffman2007-08-0138-283/+16383
| | | | | | | | | | | | | | | | Pull up PKINIT support onto the trunk. Changes from the version in branch users/coffman/pkinit are: - Update the preauth plugin interface version to avoid conflict with any existing plugins. - Add a pkcs11.h locally to the pkinit code rather than depending on opensc being installed. ticket: new Target_Version: 1.6.3 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19745 dc483132-0cff-0310-8789-dd5450dbe970
* Define snprintf along with vsnprintf for WindowsKen Raeburn2007-08-011-0/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19742 dc483132-0cff-0310-8789-dd5450dbe970
* Don't define vsnprintf for Windows hereKen Raeburn2007-08-011-6/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19741 dc483132-0cff-0310-8789-dd5450dbe970
* Implemented and tested cc_ccache_wait_for_change()Alexandra Ellwood2007-07-315-23/+36
| | | | | | | ticket: 4644 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19740 dc483132-0cff-0310-8789-dd5450dbe970
* Set KTFILEP field to null any time we close the fileKen Raeburn2007-07-271-0/+3
| | | | | | | ticket: 3099 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19739 dc483132-0cff-0310-8789-dd5450dbe970
* Debugged version of patch worked up with LukeKen Raeburn2007-07-276-20/+80
| | | | | | | | | | | | Adds a callback to krb5int_sendto to examine the response and indicate whether to quit the loop or not. For sendto_kdc, keep going if the returned error is "service unavailable". Updated all other callers to pass a null function pointer, which means to always break out of the loop on any response (the old behavior). ticket: 3334 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19738 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2007-07-276-103/+117
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19737 dc483132-0cff-0310-8789-dd5450dbe970
* Check for null file handle in get_next.Ken Raeburn2007-07-271-0/+4
| | | | | | | | Patch from Luke Howard. ticket: 5471 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19736 dc483132-0cff-0310-8789-dd5450dbe970
* Provide {,v}asprintf prototypes if neededKen Raeburn2007-07-271-0/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19735 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-21 13:53:41 +0000