Ken Raeburn [Wed, 20 Jun 2007 05:18:59 +0000 (05:18 +0000)]
Add the libdb2 type-existence tests to the top-level configure script.
Replace the generated header files in db2 with static ones that
include autoconf.h and make decisions based on the macros defined
there. Omit some tests that test for things we assume now, like
"const" working and "size_t" being defined. Update dependencies.
The libdb2 configure script now generates no header files.
Ken Raeburn [Wed, 20 Jun 2007 04:06:02 +0000 (04:06 +0000)]
We have code elsewhere that assumes the existence of memmove and
strerror, and it builds everywhere we care about. So punt the
substitute versions and everything else from libdb2/clib.
Ken Raeburn [Wed, 20 Jun 2007 03:53:37 +0000 (03:53 +0000)]
Move (BSD-licensed) mkstemp from libdb2 to libkrb5support, and rename
the function to krb5int_mkstemp. Generate the symbol export list for
libkrb5support at build time.
Declare krb5int_mkstemp in k5-platform.h.
Change cc_file.c to use mkstemp unconditionally.
Make libdb2.so (built for testing only) link against the
libkrb5support, and use krb5int_mkstemp if mkstemp is not available.
Ken Raeburn [Wed, 20 Jun 2007 01:09:10 +0000 (01:09 +0000)]
provide asprintf functionality for internal use
I plan to use asprintf in some gssapi error-message management
routines, so let's make sure we have the functionality available,
implementing it locally if necessary.
This implementation assumes vsnprintf is available, an assumption that
the support library is already making at the moment.
Since this implementation requires calling vsnprintf potentially
multiple times with the same va_list, use va_copy if it's available,
or provide a hack version (which should work okay if va_list is a
scalar or array type that requires no other special handling, and if
va_end does nothing interesting, which is usually the case) if the
compiler doesn't provide it.
I also changed a couple bits of code to use asprintf, to make sure we
exercise our implementation in testing.
(C99 requires vsnprintf and va_copy; vasprintf is a GNU/BSD extension,
but an oh so useful one....)
* configure.in: Check for va_copy, or if va_list objects can be simply
assigned. Define HAS_VA_COPY and CAN_COPY_VA_LIST as appropriate.
* include/k5-platform.h: Define a va_copy macro if the compiler
doesn't provide it.
* include/k5-platform.h: If vsnprintf isn't available from the OS,
abort compilation. If vasprintf isn't available from the OS, provide
k5_{v,}asprintf based on vsnprintf and define {v,}asprintf macros.
* lib/krb5/keytab/t_keytab.c (do_test): Use asprintf.
* util/support/errors.c (krb5int_vset_error): Use asprintf
unconditionally.
Tom Yu [Mon, 18 Jun 2007 21:07:37 +0000 (21:07 +0000)]
krb5_walk_realm_tree leaks in capaths case
Markus Moeller reports a leak in krb5_get_credentials() which was then
traced down to profile strings leaking from within
krb5_walk_realm_tree(). A pointer to a profile string was getting
overwritten without the string being freed when *cap_nodes[0] == '.'.
Fix is to free the string prior to overwriting the pointer if the
pointer is non-null.
Removed cross-compilation uses of inline because they don't do
anything on our compilers and were interfering with the
Windows builds. If we need to we can revisit this later with
an actual profiling tool.
Fixed bugs introduced while moving to krb5 repository
Fixed memory leak in ccs_ccache_t and ccs_cache_collection_t when returning
the reply data. Changed to "will_block" semantics for flow control in all
server function so it doesn't get confusing. Fixed bug in
ccs_server_send_reply() which was preventing ipc from working (was using
the wrong variable for the reply stream).
Ken Raeburn [Thu, 31 May 2007 15:56:49 +0000 (15:56 +0000)]
don't check for readability resolving SRVTAB: keytab
Greg Hudson has pointed out that the FILE: and SRVTAB: keytab types differ in
when they report errors for files not existing. The implementations of ANY:
floating around cope better if they consistently accept names of files that
aren't present, and report the error later when fetching information.
Ken Raeburn [Wed, 23 May 2007 03:54:20 +0000 (03:54 +0000)]
On Solaris 10, define NO_WEAK_PTHREADS for the build. When that symbol is
defined, skip the weak and conditional references in k5-thread.h and always
use the real pthread functions.
Ken Raeburn [Wed, 23 May 2007 03:32:08 +0000 (03:32 +0000)]
Fix up declarations of some static functions.
Now the eDirectory support compiles on Mac OS X 10.4.9 (but doesn't link
because "ldap_explode_dn" is not found).
Ken Raeburn [Mon, 21 May 2007 21:44:40 +0000 (21:44 +0000)]
Simplify UNIX krb5int_zap_data a little. Omit volatile cast, just call memset,
but for gcc, use a volatile asm afterwards to make the memory appear to be
referenced and deter optimizations that would remove the memset.
Ken Raeburn [Thu, 10 May 2007 03:58:07 +0000 (03:58 +0000)]
Rewrite weak key check to use a small custom struct instead of wedging
data into krb5_data, and use the array size rather than a sentinel for
loop control.
Jeffrey Altman [Thu, 3 May 2007 22:57:05 +0000 (22:57 +0000)]
Modify WIX installer to better support upgrading betas
The WIX installers did not upgrade previous installations with the same
version number as the current package being installed. This would leave
multiple installations of KFW x.y.z registered as being installed on the
machine even though only the most recent install is being used.
This commit instructs the Windows Installer to uninstall previous installations
with the same version number (the Maximum Upgrade version) as the package
that is being installed while ensuring that the package being installed
will not be uninstalled if the installation is being modified or repaired.
Jeffrey Altman [Wed, 2 May 2007 01:31:50 +0000 (01:31 +0000)]
k5-int.h, gic_opt.c
The krb5_get_init_creds_password() and krb5_get_init_creds_keytab()
functions permit the gic_opts parameter to be NULL. This is not
taken into account when testing the value with the macros
krb5_gic_opt_is_extended() and krb5_gic_opt_is_shadowed().
Nor is it taken into account within krb5int_gic_opte_copy() which
is called by krb5int_gic_opt_to_opte() when the input parameter is
not a krb5_gic_opt_ext structure.
This commit makes two changes:
(1) it modifies the macros to ensure that the value is non-NULL
before evaluation.
(2) it modifies krb5int_gic_opte_copy() to avoid copying the
original values with memcpy() when the input is NULL.
In addition, the code was audited to ensure that the flag
KRB5_GET_INIT_CREDS_OPT_SHADOWED is properly set and that when
it is set, that the allocated krb5_gic_opt_ext structure is
freed by krb5_get_init_creds_password() and
krb5_get_init_creds_keytab().
Kevin Koch [Thu, 26 Apr 2007 13:02:32 +0000 (13:02 +0000)]
Look for unix find command in multiple places
Not tagged yet in case it should not go in 3.2.
Look for the unix find command in a list of directories instead of in only one place. This way Jeff can install cygwin in c:\tools\cygwin and Ken can have it in C:\cygwin. The two places in the list are for those two possibilities. c:\cygwin\bin and c:\tools\cygwin\bin.
Move some prints below where logging starts, so the messages will be in the log.
profile stores empty string values without double quotes
prof_parse.c (need_double_quotes):
The profile library will happily read in right hand values
that represent the empty string by parsing "". However,
when storing the same empty string back to a file, the
empty string is written without the double quotes.
This means that
[section] foo = ""
becomes
[section] foo =
which is invalid input. A subsequent attempt to parse the
profile will result in an invalid input error.
KFW and KFM's realm editors can inadvertently produce an
invalid krb5 profile if one of the ignored sections of the
input profile contains a right hand value that is "".
This patch was produced by Asanka Herath and it was reviewed
by jaltman and lxs.
Tom Yu [Wed, 25 Apr 2007 21:19:07 +0000 (21:19 +0000)]
race condition in referrals fallback
* src/lib/krb5/krb/gc_frm_kdc.c (krb5_get_cred_from_kdc_opt):
During referrals fallback, set *tgts to NULL after freeing. This
avoids returning a pointer to freed memory when the first call to
do_traversal() obtains some TGTs and the subsequent
krb5_cc_retrieve_cred() of the final-hop TGT succeeds (due to some
other thread or process storing that TGT into the ccache), causing
second do_traversal() call (which would re-initialize *tgts) to
not execute. Race condition found during KfW-3.2 testing.
Ken Raeburn [Mon, 23 Apr 2007 00:30:40 +0000 (00:30 +0000)]
remove debugging code accidentally left in ftp/cmds.c
Debugging code I added months ago in ftp/cmds.c and forgot to remove
has apparently escaped notice until now. Markus Moeller reports
seeing a bunch of "cmds.c: at line (number)" lines printed when he
connects to a server.
This patch removes those lines. A couple other debugging statements
that test for the debug flag being set on the command line are left
in.
Kevin Koch [Thu, 19 Apr 2007 20:04:08 +0000 (20:04 +0000)]
Modify Unix find test to only check the current directory for the non-existent a.tmp
When the pismere area is under the script area (as in Jeff's setup on afs), the find test slogs through 100MB of files and occasionally finds an a.tmp.
This correct the erroneous 'unix find not found' errors and improves performance noticeably when using afs.
Kevin Koch [Wed, 18 Apr 2007 03:00:49 +0000 (03:00 +0000)]
Factor repository access out of bkw.pl into repository1.pl
Modify bkw.pl to use an initial config file to fetch the sources and then use the config file from those sources to do the build. This way, the description of how to build the sources is in the config file that is part of the sources. It is possible and probably reasonable for the initial config file to be the same as the tagged version. Output all the options used.
Add bootstrap.xml - a sample minimal config file, sufficient to fetch the sources from a repository.
This patch addresses a problem discovered on some XP systems.
After rundll32.exe starts, the CreateProcess can fail to
start kfwcpcc.exe if the current directory is not %WinDir%\System32.
CreateProcess() should be called with the lpApplicationName parameter
set to NULL in order to permit the use of the PATH.
Also, in ConfigureLogonScript ensure that the trailing NUL of the
constructed command line is processed when producing the wide
character version of the string.
In testing it has been observed that remote desktop connections
will execute the NPLogonNotify function but if the logon is
re-connecting to an existing session, the LogonScript is ignored.
This leaves orphaned credential cache files.
This commit adds a function, KFW_cleanup_orphaned_caches, which
is called by NPLogonNotify to delete any orphaned cache files.
An orphaned cache file is one that is older than five minutes.
Change event log name from "KFW Logon" to "MIT Kerberos". This
is being done to avoid confusion with the "KFW Logon" functionality
that was provided by older versions of OpenAFS. (kfwlogon.h)
Remove logging of the inability to access the "Debug" registry value.
On Vista, kfwlogon.dll is no longer loaded by winlogin.exe. Instead
it is loaded by mpnotify.exe which is spawned once for each logon
request. (kfwcommon.c)
Add a test to ensure that RegisterEventSource succeeded before calling
ReportEvent. (kfwcommon.c)
Absolutely make sure that krb5_init_context() succeeded before calling
any other krb5 functions. (kfwcommon.c)
Add a comment explaining why NPGetCaps() says we are a file system even
though we are not. "It won't work otherwise." (kfwlogon.c)
Change all comparisions for Windows Station and AuthentInfoType names
to case insensitive comparisons. Vista does not use the same case as XP.
(kfwlogon.c)
Change the requested access to the temporary cache file from "All" to
"Read | Delete" when importing its contents into the API cache.
Otherwise, the access test will fail on Vista. (kfwlogon.c)
Add the new kadm5srv function krb5_get_principal_keys to the export list
Build a separate copy of kadmin/cli/keytab.c for kadmin.local that exposes
the -norandkey flag in a way that doesn't require the compiler support -c
and -o at the same time.
Add support for extracting existing keys from the KDC with kadmin.local.
Adds a -norandkey option to the ktadd command only in kadmin.local, and
adds a new function to the libkadm5srv library that kadmin.local can
call. There is no protocol or network access to this function.
Kevin Koch [Sat, 14 Apr 2007 18:06:26 +0000 (18:06 +0000)]
Leave built installers in their temp areas and change final copy step to copy them into <out> from their new location. Delay cleaning up the temp areas until after that copy
Add vertical scrollbars to realm fields in dialogs
The obtain new credentials dialog and the change password
dialog provide a "Realm" combo-box. These controls were
not configured to display a vertical scroll bar if there
were more than five realms in the list.
Ken Raeburn [Fri, 13 Apr 2007 07:04:39 +0000 (07:04 +0000)]
Revert previous change; krb5int_cm_call_select is used by the KDC, and should
return when interrupted by a signal. Instead, check for EINTR in service_fds
and call krb5int_cm_call_select again.
Kevin Koch [Fri, 13 Apr 2007 03:00:21 +0000 (03:00 +0000)]
Only copy install/[wix|nsi] areas into install builder temp areas.
Write site-local files to those temp areas. Now tagged files stay in the staging area and are incorporated into the installers. The substituted files are only in the installer build temp areas.
Although the Platform SDK docs suggest using ITaskbarList to add/remove
a taskbar button on the fly, it doesn't work on Vista. Instead we will
just set the window style to use WS_EX_APPWINDOW and be done with it.
Kevin Koch [Thu, 12 Apr 2007 14:29:07 +0000 (14:29 +0000)]
KfW build automation:
Consolidate all command line switch info in one section of the config.xml, flatten structure.
Don't prune .../site/... .
Use getopts negate option where possible.
New method of dealing with repository options, driven from config xml.
Adjust code to find switches in new place.
Hardwire default config to bkwconfig.xml. Makes "bkw.pl" the out-of-the-box command line.
Hardwire unixfind path to C:\tools\cygwin\bin.
Add filver to required programs list.
The doxyfile.cfg file was generated using Doxygen 1.2 which is years
old. There have been significant improvements in the quality of the
Html output since then. As of this commit, the current version is 1.5.2.
- When the root credential set is touched, trigger an identity
refresh. This is necessary to ensure that the identity list
has a complete state of the world when the identity provider
attempts to initialize an initial default identity when none
previously existed. (see krb5cred.dll section)
- Don't set the enabled state for KHUI_ACTION_DESTROY_CRED and
KHUI_ACTION_RENEW_CRED actions. They are set elsewhere.
krb5common.obj
- Initialize variables to prevent uninitialized use.
krb4cred.dll
- Re-order controls and use CheckRadioButton() for manipulating the
radio buttons which select the ticket acquisition method.
- Use symbolic constants instead of numbers.
- If Kerberos 4 is enabled for a specific identity, then that setting
takes precedence over the global setting. The global setting is
merely a default if a per-identity setting is not specified.
However, a per-identity setting is only read for the default
identity.
- If the validity of an identity is not known, assume that it is still
being checked and don't display any credential text.
- When handling WM_COMMAND messages for the new credentials panel,
only update the data when a BN_CLICKED message is received and only
update the display if the IDC_NCK4_OBTAIN checkbox is toggled.
- Remove unused symbols from langres.h
krb5cred.dll
- When renewing an identity which was imported, first try to import it
again. If that fails to obtain newer tickets, then try initializing
the MSLSA cache and then importing again.
- Refactor the code for setting an identity as the default so we can
call it internally.
- When setting the initial default identity, if there is no current
default ccache and no known last default identity, then look through
the list of ccaches with credentials and pick one with valid
tickets. If all else fails, then pick any of the ccaches.
netidmgr.exe
- Credentials Window
- Consistently use KHUI_CW_O_RELIDENT as a necessary and sufficient
indicator that the identity needs to be released when freeing an
outline node.
- Properly initialize an outline node.
- Don't group similar credentials if we aren't sorting/grouping by
any specific column.
- Use the KHUI_CW_O_EMPTY flag to indicate that an outline node
contains no children.
- Handle the case where we aren't sorting/grouping by any column.
- Make sure outline nodes have valid idx_start and idx_end values.
- Use consistent logic when painting and handling mouse hotspots.
- Don't use WS_EX_TRANSPARENT when creating the notification window.
- Use a fixed height for the notification window.
- Update the outline when the default identity changes.
- Hypertext Window
- Correctly handle the "center" attribute in the "p" element.
- Use a system brush for painting the background instead of creating
one of our own.
- Correct the handling of scroll_left and scroll_top when
calculating the coordinates for text.
- Don't check if the rectangle for the text is inside the visible
area of the window before drawing.
- Handle WM_ERASEBKGND and use a system color brush to erase the
background.
- When the size changes, force the extents to be recomputed. This
will also update the scroll bars.
- Use the proper return value after handling WM_PAINT.
- The scrollbar messages send the operation code in the low word of
wParam, not the high word.
- Use GetScrollInfo() with SIF_POS when the operation is
SB_ENDSCROLL or SB_THUMBPOSITION.
- When the hottracked link changes for a transparent window, don't
invalidate the entire parent window. Instead use
MapWindowPoints() to calculate the affected rectangle and
invalidate that.
- Misc
- Change the text of the IDS_NO_CREDS message so that it renders
better on a small window.
- Initialize COM when starting the GUI.
- When showing and hiding the main window and the new credentials
window, add a button to the task bar. This allows the user to
switch focus to the window if it's obstructed.
- Remove unused symbols from resource.h
- New Credentials Window
- Ignore the validity state of the identity when showing a password
change dialog. We don't expect the identity provider to validate
the identity when changing the password.
Ken Raeburn [Mon, 9 Apr 2007 20:58:13 +0000 (20:58 +0000)]
EAI_NODATA deprecated, not always defined
Brian Kantor reports (on the kerberos@mit list today) that krb5-1.6
doesn't build on FreeBSD 6.1 because they've done away with
EAI_NODATA, which was removed from the getaddrinfo API in RFC 3943.
This patch conditionalizes two tests for EAI_NODATA on the macro being
defined, and also adds handling for EAI_OVERFLOW, a new error code
added in RFC 3943.
Ken Raeburn [Sat, 7 Apr 2007 05:15:31 +0000 (05:15 +0000)]
use IP(V6)_PKTINFO in KDC for UDP sockets
As Denis Vlasenko pointed out in ticket 3306, using IP(V6)_PKTINFO to
get or set the local address in UDP communications instead of
allocating one socket for each address seen at startup will behave
better in environments where the addresses may change while the KDC is
running, or in certain unusual network configurations.
The patch from Denis was specific to Linux (didn't do IPV6_PKTINFO if
IP_PKTINFO wasn't defined). I've reworked it a fair amount, and
tested the results briefly on Mac OS X (which has IPV6_PKTINFO but not
IP_PKTINFO) and Linux (which has both).
With this change, on systems like Linux supporting both socket
options, the KDC should be able to use just two UDP sockets, one for
IPv4 and one for IPv6. (And if we turned off IPV6_V6ONLY, we might do
with one.)
Filed as a separate ticket, because Denis's complaint and patch in
3306 cover the RPC code as well.
- add functionality to implement previously defined "DefaultSticky"
registry based configuration parameter. This value is can be added to
an installer by a transform or pushed by Group Policy. When set, it
controls the default setting of the "sticky" flag for new identities.
nidmgr32.dll:
- fix the version resources: FileVersion, ProductName, and ProductVersion
krb5cred.dll:
- when importing an identity from the MSLSA, if there has never been a
default identity, configure the MSLSA identity to be the default.
projects / thirdparty / krb5.git / log
