Added CoreFoundation bundle plugin support to support library bundle plugin
code. Also modified plugin types so they allocate a list of pointers rather
than a list of structs so that we can reuse the code that generates the
pointer types. (Basically now krb5int_open_plugin_dir() can call
krb5int_open_plugin() rather than doing nearly the same thing.)
unsigned/signed int warnings in krb5_context variables
Change in_tkt_ktype_count, tgs_ktype_count and conf_tgs_ktypes_count in context to
unsigned int. Change get_profile_etype_list() to expect unsigned int as well.
Update shsUpdate to take an unsigned int length instead of signed.
The code already assumes that it is an integer >= 0. This change
cleans up a number of signed/unsigned warnings.
sha1/shs.h, shs.c, t_shs.c: change ints to unsigned int
dk/dk_encrypt.c: static function trunc_hmac change a signed int to unsigned
hash_provider/hash_sha1.c: Remove cast in argument to shsUpdate
Ken Raeburn [Wed, 19 Apr 2006 20:23:46 +0000 (20:23 +0000)]
* errors.c (krb5int_get_error): Try strerror_r if available before strerror.
* plugins.c (ERRSTR): New macro, tries strerror_r and uses strerror only if it
fails or isn't available.
(krb5int_open_plugin_dir): Use it.
When krb5_c_prf was added in r17219 to implement RFC 3961 PRF, the
prototype for krb5_c_prf has the incomming krb5_data not flagged as const.
The implementation usage in the dk_prf.c declare as const. Make everything
consistent.
Ken Raeburn [Tue, 18 Apr 2006 23:28:07 +0000 (23:28 +0000)]
* error_table.h (ET_EBUFSIZ): Increase to 1k.
* error_message.c (get_thread_buffer): New function, split out from
error_message.
(error_message): Call it. Also try strerror_r with the per-thread buffer, if
both are available, before trying strerror.
Ken Raeburn [Fri, 14 Apr 2006 22:38:00 +0000 (22:38 +0000)]
Move gmt_mktime.c from lib/krb5/os to util/support, and rename the function.
Stop exporting gmt_mktime from libkrb5, and export krb5int_gmt_mktime from
libkrb5support. Updated the one caller, asn1_decode.c.
identity/plugins/common/dynimport.c:
During the interop session we concluded that the ccapi32.dll should
not be required for netidmgr to operate. netidmgr should work with
only FILE: ccaches. After the interop the removal of the error
check post-load was not removed.
identity/doc/Makefile:
The 'clean' rules failed to specify the /Q switch which silently
removes the directory tree. As a result, during the build the
user was prompted.
Ken Raeburn [Thu, 13 Apr 2006 18:58:56 +0000 (18:58 +0000)]
Partial merge from Novell LDAP integration branch, not including the
actual LDAP bits:
* include/kdb.h (krb5_db_entry_new): Add MASK field indicating what's
changed.
(KRB5_KDB_SRV_TYPE_*): New macros indicating which type of service is
accessing the database.
* lib/kadm5/srv/svr_principal.c: Set mask field.
* lib/kadm5/srv/server_misc.c, server_init.c: Pass service type to
krb5_db_open.
* kadmin/dbutil/kdb5_stash.c (kdb5_stash): Pass service type to
krb5_db_open.
* kadmin/dbutil/kdb5_util.c (open_db_and_mkey): Pass service type to
krb5_db_open.
* kdc/main.c (init_realm): Pass service type to krb5_db_open.
* lib/kadm5/srv/svr_principal.c: Set mask field.
* kadmin/dbutil/dump.c (load_db): Pass service type to krb5_db_open.
* lib/kdb/kdb5.h (KRB5_KDB_SRV_TYPE_*): New macros.
* lib/kdb/err_handle.{c,h}: Deleted.
* lib/kadm5/clnt/err_handle.{c,h}: Deleted.
(krb5_db_clr_error): Declaration deleted.
* lib/kdb/Makefile.in, lib/kadm5/clnt/Makefile.in: Don't build them.
* lib/kdb/kdb5.c, lib/kadm5/clnt, lib/kadm5/srv: Use new error-message API.
* kdc/do_tgs_req.c (process_tgs_req): Use new error-message API.
* kdc/kdc_preauth.c (check_padata)
* kdc/do_as_req.c (process_as_req):
* kdc/main.c (init_realm):
* kadmin/server/ovsec_kadmd.c (main, do_schpw):
* schpw.c (process_chpw_request):
* kadmin/server/server_stubs.c:
* kadmin/cli/kadmin.c (extended_com_err_fn): New function.
(kadmin_startup): Tell com_err library to use it, for kadmin.local.
* lib/kdb/libkdb5.exports: Don't export krb5_db_clr_error.
* lib/kdb/Makefile.in: (SRCS, STLIBOBJS): Don't build err_handle.c.
* lib/kdb/kdb5.c (kdb_load_library): Don't pass argument to init_library.
(krb5_db_clr_error): Function deleted.
* lib/kdb/kdb5.h (struct _kdb_vftabl): Remove argument from init_library field.
* lib/kadm5/logger.c (krb5_klog_init): Save the krb5_context pointer.
(klog_com_err_proc): Use it, and call new error-message API.
* lib/kadm5/srv/svr_principal.c: Use new error-message API.
* kadmin/dbutil/kdb5_util.c (extended_com_err_fn): New function.
(main): Tell com_err library to use it.
* plugins/kdb/db2: Use new error-message APIs and updated DAL
interface.
* lib/kadm5/kadm_rpc.h: Delete err_str fields.
* lib/kadm5/kadm_rpc_xdr.c: Don't process them.
* kadmin/server/server_stubs.c: Don't use ret.err_str field.
Sam Hartman [Tue, 11 Apr 2006 21:28:48 +0000 (21:28 +0000)]
Remove ChangeLog files from the source tree. From now on, the
subversion commit log entry needs to include information that would
have been in the changelog.
- work without kerberos 4 libraries including krb524
- add a mechanism to add and remove identities from
the options dialog. This allows a configuration
to be specified using a separate file based ccache
for each identity
- work without availability of ccapi
- force a renew of credentials on startup to support
the case when MSLSA is the only credential cache
Ken Raeburn [Sat, 1 Apr 2006 01:26:39 +0000 (01:26 +0000)]
* configure.in: Check for access, ftime, getcwd, srand48, srand, srandom, stat,
strchr, strerror, strstr, timezone, umask, waitpid, sem_init, sem_trywait,
daemon, alloca.h, dlfcn.h, limits.h, pthread.h, semaphore.h, krb_db.h, kdc.h,
sockaddr.sa_len, sockaddr_in.sin_len, stat.st_mtimensec,
stat.st_mtimespec.tv_nsec, and stat.st_mtim.tv_nsec. Invoke
KRB5_AC_REGEX_FUNCS, AC_TYPE_OFF_T, CHECK_WAIT_TYPE, CHECK_SIGPROCMASK,
AC_TYPE_GETGROUPS, CHECK_SETJMP, and DECLARE_SYS_ERRLIST. Add checks for
perror declaration, strptime prototype, setrpcent and endrpcent return types
from configure.in scripts in subdirectories.
With this patch, nearly every -D option used to compile a file that we care
about for KfM should now be duplicated in include/autoconf.h. There are still
other -D options not represented here (e.g., in appl/, util/pty, and the python
sample plugin).
Ken Raeburn [Fri, 31 Mar 2006 20:08:46 +0000 (20:08 +0000)]
* kt_file.c (krb5_ktf_keytab_externalize, krb5_ktf_keytab_internalize): Read
and write file position as 64 bits rather than trying to figure out size of
long.
Ken Raeburn [Fri, 31 Mar 2006 02:10:57 +0000 (02:10 +0000)]
* secure.c: Include autoconf.h. Include stdint.h and inttypes.h if available.
(ftp_uint32, ftp_int32): Always define as [u]int32_t instead of testing
configure-time type size macros.
Ken Raeburn [Fri, 31 Mar 2006 01:55:36 +0000 (01:55 +0000)]
Stop checking sizeof(type) at configure time.
Pull stdint.h and inttypes.h into gssapi.h if available.
Don't use size/limit tests for choosing gss_[u]int32; just use [u]int32_t.
Ken Raeburn [Fri, 31 Mar 2006 01:34:38 +0000 (01:34 +0000)]
* util_token.c: Include limits.h.
(der_length_size, der_write_length): Test INT_MAX instead of SIZEOF_INT.
(der_read_length): Test sizeof(int) instead of SIZEOF_INT.
Ken Raeburn [Tue, 28 Mar 2006 21:10:48 +0000 (21:10 +0000)]
* aclocal.m4 (CHECK_UTMP): Call AC_CHECK_FUNCS once instead of AC_CHECK_FUNC
for each function.
(CHECK_SIGPROCMASK, CHECK_SETJMP, CHECK_UTMP, AC_KRB5_TCL_TRYOLD,
KRB5_AC_LIBUTIL): Supply all three arguments in AC_DEFINE calls.
Ken Raeburn [Sun, 26 Mar 2006 20:55:59 +0000 (20:55 +0000)]
Initial enhanced error message support, similar to what I sent to
krbdev except for some function renaming (krb5_free_error was already
in use, so added _message to everything), and the context is allowed
to be NULL (in which case we fall back to error_message() and storing
no strings) to simplify some code.
Low-level routines in the support library, using a private data
structure; higher-level routines in libkrb5, using a krb5_context.
Added error info strings to the KRB_ERR_GENERIC case in gc_via_tkt.c
and the python sample service location plugin. Added code to kinit
and kvno to look up and display the strings.
projects / thirdparty / krb5.git / log
