Sam Hartman [Mon, 19 Sep 2011 00:34:48 +0000 (00:34 +0000)]
In pkinit_crypto_openssl.c, modified pkinit_octetstring2key() to
eliminate a possible memory leak in the error path, where the
key_block->length was set to zero but the key_block->contents were
not freed. Also, changed calloc() call to a malloc() call to avoid
allocating up to 8 times as much buffer space as needed.
In keyblocks.c, modified kr5_free_keyblock_contents() to set the
key->length to zero after the key->contents have been freed.
Sam Hartman [Mon, 19 Sep 2011 00:34:40 +0000 (00:34 +0000)]
asn1_encode.{c,h}: support DEFOCTETWRAPTYPE
Support a way of defining a type that indicates that the DER encoding
of some other type is wrapped inside an octet string in a produced
encoding. To support this, support encoding of tagged things where
the class is not constructed; in this case it will be primitive.
Ken Raeburn [Sun, 18 Sep 2011 09:43:25 +0000 (09:43 +0000)]
Add invocations of AC_LANG_SOURCE to deal with autoconf 2.68 warning
messages. Verified to produce the same configure script (under
autoconf 2.68 on Mac OS X) as before.
This avoids a race condition where a child reports "starting..." and
begins to service requests before the monitor is ready to handle
termination signals. Really only an issue for the test suite. From
npmccallum@redhat.com.
When we build with the internal verto, we include verto-k5ev.h in
order to create loops. When we build with the system verto, we don't
include that header file. Add depfix logic and pre.in variables to
avoid depending on verto-k5ev.h for a system verto build.
When we have conditionally built bundled source, we need logic in
depfix.pl and variables in pre.in to avoid depending on the bundled
verto.h in generated dependencies. Add that logic for verto.
Tom Yu [Wed, 7 Sep 2011 21:31:48 +0000 (21:31 +0000)]
Fall back to EV_USE_SELECT
ev.c explicitly disables poll() on Mac and FreeBSD, which left our
standalone version without any working back ends on Mac OS X, for
example. Fall back to using select() on these platforms.
Now that we're not using dynamic loading for libverto-k5ev, we don't
need to use hard links for liblinks, and using them would interfere
with an AFS build tree.
Give libverto-k5ev a header file. When using the internal verto
library, link against -lverto-k5ev and use verto_default_k5ev()
instead of verto_default(), bypassing the module loading logic and
making static builds possible.
cred could be used uninitialized if krb5_timeofday() failed. defcred
had the wrong type. kg_cred_resolve() should be used instead of
krb5_gss_validate_cred() to do delayed name/ccache resolution and get
a lock.
For default credentials, defer ccache resolution until we need the
information. If this happens in init_sec_context when we have the
target principal in hand, use krb5_cc_select() to pick a cache. If
the target principal is not known, use the default cache.
For credentials with a specified principal, use krb5_cc_cache_match()
to find the cache. If no cache is found and a password is specified,
create a new cache within the collection to hold the new credentials,
if the default cache type supports a collection.
The interface has two built-in modules. The realm module guesses a
cache based on the server realm if it is known. The k5identity module
(Unix only) chooses a client principal based on rules in a .k5identity
file in the user's homedir.
* "kdestroy -A" destroys all caches in collection.
* "kinit princ" searches the collection for a matching cache and
overwrites it, or creates a new cache in the collection, if the
type of the default cache is collection-enabled. The chosen cache
also becomes the primary cache for the collection.
* "klist -l" lists (in summary form) the caches in the collection.
* "klist -A" lists the content of all of the caches in the collection.
* "kswitch -c cache" (new command) makes cache the primary cache.
* "kswitch -p princ" makes the cache for princ the primary cache.
Do not yield any default caches in the top level cccol implementation.
In the FILE type, yield the default cache if it exists and is of type
FILE, instead of yielding the set of open file caches.
* krb5_cc_get_full_name retrieves the full type:name of a cache.
* krb5_cc_switch makes a cache the primary cache.
* krb5_cc_cache_match searches the collection for a client principal.
* krb5_free_string releases a string (for the krb5_cc_get_full_name
result).
All of these are from Heimdal except for krb5_free_string (Heimdal uses
krb5_xfree).
The DIR ccache type supports a collection of credential caches within
a private directory (which must be created out of band). One cache is
designated as primary at any given time. Setting the default cache
name to DIR:dirname will cause caches within dirname to be present in
the global cache collection.
verto uses dladdr() to figure out where it should look for modules,
and dladdr may or may not follow symlinks. Hard links ensure that it
always looks in the directory where liblinks are, allowing it to find
the verto-k5ev module.
Make symlinks within the lib directory for .so and .so.X instead of
symlinking those back to the library build directory.
Ken Raeburn [Mon, 5 Sep 2011 01:58:48 +0000 (01:58 +0000)]
Instead of passing a 0 to add_new_mkey for kvno and leaving
new_mkey_kvno (used when stashing) uninitialized, use get_next_kvno to
set the latter to the only non-zero value that add_new_mkey will
accept.
Ken Raeburn [Mon, 5 Sep 2011 01:22:03 +0000 (01:22 +0000)]
Fix "may be used uninitialized" warnings in db2 code, even though all
such cases appear to be safe. This will permit making
uninitialized-variable messages fatal.
Ken Raeburn [Mon, 5 Sep 2011 01:21:55 +0000 (01:21 +0000)]
Silence various "may be used uninitialized" warnings from GCC caused
by it not figuring out the control flow (initialization and use both
tied to some other variable).
Add configure and build support for libverto and the libverto-k5ev
module. Fix the version script rules to work for libraries with
hyphens in their names.
By making an entry for $hostname in [domain_realm], we can relax the
requirement that the canonicalized local hostname must have a parent
domain. This makes the test suite work more easily on Fedora.
socket.getfqdn() tries to produce a result containing a period, so it
may disagree with krb5_sname_to_principal's result--for example, in
Fedora's default DHCP configuration. Use getaddrinfo and getnameinfo
calls mirroring krb5_sname_to_principal's logic instead.
When terminating a connection, close and invalidate conn->fd so that
we don't look for it in selstate on the next select or poll
invocation. Looking for such an fd is harmless when using select, but
results in an assertion failure when using poll.
Greg Hudson [Mon, 29 Aug 2011 17:20:37 +0000 (17:20 +0000)]
Fix style issues in r25087
* Function names should be at the beginning of lines in definitions.
* Changes should not create lines >79 characters.
* Continuation lines should align after left parens when appropriate.
Also, krb5_gss_accept_sec_context_ext and acquire_accept_cred are
not gss mechanism functions and should not have been tagged.
Greg Hudson [Fri, 26 Aug 2011 17:56:44 +0000 (17:56 +0000)]
Remember and close the kadmin socket we opened
Prior to ticket #6746, the RPC library opened the kadmin socket and
took responsibility for closing. When we added IPv6 support, the
calling code became the owner of the socket but wasn't closing it,
resulting in a file descriptor leak.
Zhanna Tsitkov [Mon, 22 Aug 2011 20:24:07 +0000 (20:24 +0000)]
Minor reformating of kdb5_ldap_util documentation. Also, removed duplicates from ldap_operations documentation by referencing to kdb5_ldap_util documentation subsections
Zhanna Tsitkov [Mon, 22 Aug 2011 16:54:20 +0000 (16:54 +0000)]
Removed repetitive text from "Operations on the Kerberos database" sub-section of database administration section. Reference to kdb5_util commands documentation instead
Greg Hudson [Thu, 11 Aug 2011 16:37:55 +0000 (16:37 +0000)]
Fix call to gss_inquire_cred from spnego_gss_acquire_cred_impersonate_name
If desired_mechs is NULL (this should never happen when invoked from
the MIT mechglue), we call gss_inquire_cred to get a list of mechs.
This call needs to pass a union cred handle, not the SPNEGO handle we
got as input. Reported by aberry@likewise.com.
Greg Hudson [Thu, 11 Aug 2011 15:13:52 +0000 (15:13 +0000)]
Fix major status handling in gss_acquire_cred
If we have at least one cred element after the mech loop, reset major
before continuing on, or we could mistakenly return a failure status
from the last mech (and free the returned creds). Reported by
aberry@likewise.com.
projects / thirdparty / krb5.git / log
