Use a helper function add_policy_mods() in
krb5_ldap_create_password_policy() and krb5_ldap_put_password_policy()
to avoid duplicating code for each field.
Corrections to stuff noticed by kaduk:
* Eliminate a space before paren in a call to free().
* Use %lu for unsigned long in format strings.
* Simplify the tokens table definition.
* Add DEFCCNAME, DEFKTNAME, and DEFCKTNAME configure variables to
change the built-in ccache and keytab names.
* Add krb5-config options to display the built-in ccache and keytab
names.
* In the default build, use krb5-config to discover the system's
built-in ccache and keytab names and use them (if not overridden).
This can be controlled with the --with-krb5-config=PATH or
--without-krb5-config configure options.
* Make the built-in ccache name subject to parameter expansion.
Generalize the ccache collection tests in t_cccol.py to multiple kinds
of ccache tests, and rename it to avoid confusion with the lower-level
lib/krb5/ccache/t_cccol.py. Move a test from t_general.py into
t_ccache.py.
Eliminate the USE_CCAPI variant of get_from_os() which was only used
in KfM. Make get_from_os() allocate its result (wrapping the Windows
implementation so it can continue to use a fixed-size buffer).
Simplify krb5_cc_set_default_name() and krb5_cc_default_name(). Make
some minor style adjustments.
Add an adapted version of Heimdal's expand_path.c, defining
k5_expand_path_tokens() and k5_expand_path_tokens_extra(). These
functions allow template paths like %{TEMP}/krb5cc_%{uid} to be
resolved. Also add a test program to exercise the path expansion
code.
Simo Sorce [Fri, 2 Mar 2012 23:27:49 +0000 (18:27 -0500)]
Introduce credential store extensions
Add new APIs gss_acquire_cred_from, gss_add_cred_from, and
gss_store_cred_into, which take additional argments to specify the
location of the credential storage using a key-value map, where keys
are interpreted by the mechanisms.
In combination with -k, -i will cause kinit or klist to use the
default client keytab instead of the default acceptor keytab. This
gives an easy way to figure out what default client keytab name is in
use and to get credentials using it.
wshelper is clearly not intended to use unicode:
wprintf is used extensively and exclusively to write to char[] buffers and
fields in dns structs are used as explicitly ASCII text.
Kevin Wasserman [Wed, 6 Jun 2012 22:22:22 +0000 (18:22 -0400)]
KFW win-mac.h fixes
kfw: add int16_t, uint16_t typedefs to win-mac.h
uint16_t is used in chpw.c
include stdlib.h, crtdbg.h in win-mac.h
Allows leak-tracking using built-in msvc tools on windows.
crtdbg.h needs to come _after_ stdlib.h, but _before_ checking for
strdup. Define DEBUG and CRTDBG_MAP_ALLOC for full tracking.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7204 (new)
tags: pullup
Ben Kaduk [Fri, 29 Jun 2012 18:33:20 +0000 (14:33 -0400)]
Sync configure options with configure
We should try to stay coupled with the actual configure options, as
documented by 'configure --help'.
Remove an option which is no longer present and add several that
were missing.
Ben Kaduk [Fri, 29 Jun 2012 18:13:05 +0000 (14:13 -0400)]
Only list --enable-dns-for-realm once
If we list something as "commonly used", we seem to not also
list it with the rest of the options. This has the advantage
of not requiring us to remember to update two things for future
changes, but the disadvantage of requiring users to look in two
places for options. Stick with the prevailing form for now.
Ben Kaduk [Fri, 29 Jun 2012 18:10:07 +0000 (14:10 -0400)]
Sort configure options
Stick to the order of 'configure --help' for most sections, but
sort environment variables alphabetically (since, e.g.,
configure --help does not list CPPFLAGS and there is not a good
way to add that).
Note that this does not add or remove any content, even though
some options are missing/extra.
Ben Kaduk [Wed, 27 Jun 2012 18:35:30 +0000 (14:35 -0400)]
Cleanup docs for DNS lookup configure options
DNS lookups for KDCs have been unconditionally enabled in
configure since 2003; configure options only affect whether
DNS lookups are used for realm names.
Change the RST documentation of configure options to catch up.
Tom Yu [Thu, 12 Jul 2012 18:26:15 +0000 (14:26 -0400)]
Handle huge /bin directories in libdb2 test
The test suite for libdb2 uses /bin as a source of filenames and
contents for insertion into databases. Fedora 17 (and possibly other
OSes) have /bin symlinked to /usr/bin, which can vastly increase the
number of files found, exceeding some limits of the test databases.
Truncate this list of files at 100 to prevent this problem.
Tom Yu [Thu, 12 Jul 2012 03:35:44 +0000 (23:35 -0400)]
Always recreate acl files during dejagnu tests
The dejagnu tests create some persistent acl files containing
hostname-derived principal names. These can get out of date if the
host has changed names since the last time the dejagnu tests were run,
causing failures (notably in iprop.exp). To avoid this problem,
change the dejagnu tests to always create new acl files for each test
run.
Kevin Wasserman [Sun, 6 May 2012 19:14:46 +0000 (15:14 -0400)]
Add krb5int_cc_user_set_default_name
Set the default credential cache name for all processes for the current
user. Currently implemented, for windows only, by setting
HKEY_CURRENT_USER\Software\MIT\Kerberos5:ccname to the specified
ccache name. This will not override the environment variable 'KRB5CCNAME'.
It will override HKEY_LOCAL_MACHINE and 'indirect' registry values.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7199 (new)
tags: pullup
Kevin Wasserman [Sun, 6 May 2012 19:23:10 +0000 (15:23 -0400)]
Implement switch_to for ccapiv3
krb5_stdccv3_switch_to() calls cc_ccache_set_default().
krb5_stdccv3_resolve() checks for NULL or empty residual and calls
cc_context_get_default_ccache_name() in those cases.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7198 (new)
tags: pullup
Kevin Wasserman [Fri, 20 Apr 2012 15:36:13 +0000 (11:36 -0400)]
Translate WinSock errors to Posix counterparts
MSVC 2010 defines both Posix and WinSock error values so we can no longer
simply #define the Posix error values to be their WinSock counterpart.
This patch explicitly #includes <errno.h> in port-sockets.h and still
conditionally defines the Posix error values for compatibility with older
MSVC but also translates WinSock errors to Posix for MSVC 2010
compatibility.
The downside to this approach is that there are some Posix errors we
do not currently detect (e.g. EADDRINUSE) that are neither #defined nor
translated. If we use one of those in the future but fail to update
TranslateWSAGetLastError() we'll once again be in the situation that the
windows build will compile but fail to work, possibly only when some rare
error condition occurs.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7197 (new)
tags: pullup
If the directory for a DIR ccache doesn't exist yet, try to create it
(but not its parents) with mode 700. Exercise this in test scripts by
not pre-creating directories.
In gssint_import_internal_name, don't map the minor code from
mech->gss_duplicate_name if it returned successfully. Fixes an
"unexpected non-zero minor status" error reported by SAP's gsstest
when it invokes gss_canonicalize_name().
Commit f609e5caff410cc8f71db7d95b4da219541437db accidentally omitted
the check for extra realm separators, leading to an assertion error
when parsing x@y@z or similar. Restore the check.
Ben Kaduk [Fri, 6 Jul 2012 22:56:57 +0000 (18:56 -0400)]
Revert "Document absolute times for 'kinit -s'"
This reverts commit 20f85a81151f69689e3c060e89852687eb6c5a3c.
The ability of 'kinit -s' to accept an absolute time is
intentionally undocumented and remains only for backwards
compatibility.
Leave a comment in the source to this effect, for future generations.
Ben Kaduk [Fri, 6 Jul 2012 19:45:20 +0000 (15:45 -0400)]
Allow using locales when gettext is absent
Previously, if configure did not detect dgettext(), we disabled
anything that smelled like localization, inadvertently including
setlocale(). Now that we use setlocale(LC_ALL, ""), we have
localized dates available as well as messages, so we should not
disable calls to setlocale() any more.
Since the routines from locale.h are only used in a relatively
small number of places, just include the header directly in those
files and remove it from k5-platform.h.
Ben Kaduk [Fri, 6 Jul 2012 00:18:32 +0000 (20:18 -0400)]
Pass the user's CPPFLAGS in ALL_CFLAGS
We need them if any headers we depend on are not in the default
search path (e.g., gettext.h). These files are built for
'make check' but not for the normal build.
Ben Kaduk [Thu, 5 Jul 2012 18:34:56 +0000 (14:34 -0400)]
Document absolute times for 'kinit -s'
kinit's -s argument takes a parameter, which is first interpreted
as a time interval ("deltat"), in the same format used for
the -l and -r arguments. However, if that fails, the
time argument is interpreted as an absolute time, in one of
twelve different possible formats, some of which are subject to
localization via strptime(). Explicitly listing all twelve
possible interpretations is overkill, but give the user a hint that
absolute times are possible at all.
Ben Kaduk [Thu, 5 Jul 2012 18:56:50 +0000 (14:56 -0400)]
Enable all localizations in main functions
Bite the bullet and pass LC_ALL to setlocale() instead of just
LC_MESSAGES. Calls to setlocale() itself were introduced in fabbf9e443459e8c0161c84563690ed70c7f6a61 for ticket 6918, but
only for LC_MESSAGES since only localized strings were needed
and that was the most conservative option.
However, klist, kadmin, and kinit (and perhaps others) would benefit
from localized formats for times (i.e., LC_TIME). If potentially
localized data is being sent on the wire, that is a bug that should
be fixed. No such bugs are found with the current test suite, so we
are comfortable enabling LC_ALL at this time.
Avoid dereferencing a null auth_pack pointer if we run out of memory
initializing info or auth_pack. Eliminate an unnecessary switch by
just cleaning up all of the potentially allocated variables.
Ben Kaduk [Fri, 29 Jun 2012 15:35:41 +0000 (11:35 -0400)]
Take care with types in process_routing_update()
read(2) returns an ssize_t, not an int. We want to compare this
value against several unsigned size_ts, so make a local copy.
Also cast to int for printing; size_t can be wider than int, but
these values should be small.
Ben Kaduk [Wed, 27 Jun 2012 20:35:20 +0000 (16:35 -0400)]
Minor cleanups relating to size_t being unsigned
In order to use -1 as a sentinel value, we should explicitly cast
to make it clear what we are doing. It might be better to use
a less convoluted sentinel value such as SIZE_T_MAX, though.
Additionally, since size_t is unsigned and at least as wide as
an int, a loop with int index variable that compares against a
size_t for its termination check could become an infinite loop.
Make the loop index size_t for consistency.
Ben Kaduk [Wed, 27 Jun 2012 19:38:47 +0000 (15:38 -0400)]
Avoid unsigned/signed comparison in loop condition
The gid_len length is declared as an unsigned int, and loop
index 'i' is a signed int. This could manifest as an infinite
loop if gid_len is very large. In practice, gid_len should be small,
but make 'i' the same type for consistency.
Ben Kaduk [Wed, 27 Jun 2012 19:14:00 +0000 (15:14 -0400)]
Improve printf handling of size_t args
The %*s format takes two arguments, a precision length/width and
an actual string; the length is specified as a signed integer.
The size_t length field of the gss_buffer_desc type is an unsigned
type, which must be cast or otherwise converted to a signed type
to match the format string expectations.
I do not think that the length will approach SIZE_T_MAX in practice,
due to buffer constraints, so do not include handling for the
edge case.
There is a '%zu' format string for printing size_ts, but it is not
available everywhere (e.g., AIX). Instead, use the
unsigned long long abomination.
Ben Kaduk [Wed, 27 Jun 2012 18:28:16 +0000 (14:28 -0400)]
Resolve no-previous-prototype warning in os/cm.c
The warning is
../../../../krb5/src/lib/krb5/os/cm.c:43: warning: no previous prototype for 'k5
_getcurtime'
which occurs because
int k5_getcurtime(struct timeval *tvp)
is defined (and used) in cm.c but there is no forward declaration.
Include the os-proto.h (internal) header which declares this function
to eliminate the warning. k5_getcurtime() is the first declaration in
cm.c, so there is not an ABI concern.
The only other consumer of k5_getcurtime(), sendto_kdc.c, already includes
os-proto.h, so this issue is purely cosmetic.
Accept UDP datagrams up to 64K in size. We should still detect when
an oversized datagram comes in by comparing against the maximum size,
but this is trivial and covers 90% of the practical issues.
projects / thirdparty / krb5.git / log
