Ken Raeburn [Wed, 9 Feb 2005 00:50:50 +0000 (00:50 +0000)]
Exercise the dynamic loading/unloading of libraries a bit more.
Athena's old IRIX systems fail this test now.
* t_loader.c (verbose): New variable.
(do_close_1): Drop filename argument. Change messages accordingly, and only
display them if verbose. Line up "done" messages vertically.
(do_open_1): Likewise. Add library version argument, used when on AIX, in
combination with RTLD_MEMBER.
(do_open): Don't pass filename. Do pass library version; callers changed.
(do_close): Don't pass filename.
(get_sym_1): Renamed from get_sym, added line number argument. Print messages
if verbose.
(get_sym): New macro.
(xbasename): Function deleted.
(HORIZ): New macro.
(main): Turn off output buffering. Print messages before and after calling
functions in loaded libraries. Disable first set of tests, that don't call any
functions. Test gssapi library without loading any other libraries, then test
it after loading com_err, and unload com_err first.
Ken Raeburn [Wed, 9 Feb 2005 00:41:40 +0000 (00:41 +0000)]
There is a memory leak here, if a thread has registered some per-thread data
when we delete the key. Fixing it will require walking through the per-thread
data of every thread and freeing the objects... and watching for deadlocks in
the case where a thread is exiting at the same time.
* threads.c (k5_key_delete) [pthread case]: Reset flags and destructor function
pointer to unset state.
(krb5int_thread_support_init, krb5int_thread_support_fini): If
SHOW_INITFINI_FUNCS is defined, print some tracing messages.
Ken Raeburn [Wed, 9 Feb 2005 00:11:14 +0000 (00:11 +0000)]
Build system support for a library having more than one init/fini symbol
defined, when using linker options to specify these functions. Now
LIBINITFUNC/LIBFINIFUNC are considered lists of symbols, ordered from
lowest-level (init run first, fini run last) to highest-level.
* lib.in (config.status): Change target to be in $thisconfigdir rather than
local.
(osf1.exports): Create a temporary file then rename into place. Add options
for library init/fini symbols, handling multiple values.
* shlib.conf (case alpha*-dec-osf*): Don't handle init/fini symbols here.
(case mips-sgi-irix*): Handle multiple init/fini symbols. Always set $initfini
before it gets used.
(case *-*-solaris*, not gcc): Handle multiple init/fini symbols.
(case *-*-aix*): Handle multiple fini symbols.
Ken Raeburn [Thu, 3 Feb 2005 00:27:33 +0000 (00:27 +0000)]
* Makefile.in (gssapi.h): Change SIZEOF symbols to start with GSS_ when
extracting from autoconf.h. Don't look for HAVE_ or USE_ symbols. Add
${include_xom} to the prologue.
(include_xom): New variable.
* gssapi.h: Always include stddef.h unconditionally.
(GSS_SIZEOF_INT, GSS_SIZEOF_LONG, GSS_SIZEOF_SHORT): Don't define.
* k5-thread.h (k5_os_mutex_lock): Under Irix, invoke
k5_pthread_mutex_lock() with the k5_os_mutex, not the
pthread_mutex_t.
(k5_pthread_assert_locked,unlocked): If DEBUG_THREADS not used, provide
correct prototype. Add missing close paren.
Test programs show that under irix, the mutex locking/unlocking code was
working - even with the wrong memory use... I do not understand why.
Jeffrey Altman [Mon, 17 Jan 2005 23:57:51 +0000 (23:57 +0000)]
Some applications such as Eudora on Windows load and unload the Kerberos
libraries as part of a plug-in. Plugins are often loaded for a specific
purpose and then unregistered. In order to support this model, the libraries
must restore the library state to the uninitialized state when the library
is unloaded.
Ezra Peisach [Mon, 17 Jan 2005 17:37:27 +0000 (17:37 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): More memory leaks
fixed as introduced in ticket #2541. Do not rely on knowledge that
upon failure from krb5_cc_retrieve_cred, returned credential data
is untouched.
Testsuite passes all tests, but would like another set of eyes to look over code
before closing ticket.
Jeffrey Altman [Sat, 15 Jan 2005 06:34:08 +0000 (06:34 +0000)]
* cp_key_cnt.c, copy_princ.c:
prevent krb5_copy_principal() and krb5_copy_keyblock() from
calling malloc(0). On platforms in which malloc(0) returns
NULL, these functions will return an ENOMEM error the way
they were written.
Tom Yu [Fri, 14 Jan 2005 06:02:01 +0000 (06:02 +0000)]
* authgss_prot.c (xdr_rpc_gss_wrap_data): Use xdr_alloc to avoid
size limit issues. Use (unsigned int)-1 instead of MAX_NETOBJ_SZ.
(xdr_rpc_gss_unwrap_data): Use (unsigned int)-1 instead of
MAX_NETOBJ_SZ.
* xdr.c (xdr_bytes): Don't assign from *sizep if XDR_FREE, since
it'll be uninitialized then. Shuts up Purify.
Ken Raeburn [Fri, 14 Jan 2005 05:03:48 +0000 (05:03 +0000)]
* k5-thread.h (k5_pthread_assert_locked): Only call pthread_equal if
thread support is loaded.
(k5_pthread_mutex_unlock): Use k5_pthread_assert_locked instead of
duplicating it.
Ken Raeburn [Fri, 14 Jan 2005 03:24:48 +0000 (03:24 +0000)]
* yarrow.c (yarrow_reseed_locked): Renamed from krb5int_yarrow_reseed and made
static.
(Yarrow_detect_fork, yarrow_input_maybe_locking, krb5int_yarrow_output_Block):
Call it.
(krb5int_yarrow_reseed): New function, grabs lock and calls the old version.
(krb5int_yarrow_final): Hold the lock until after clearing the Yarrow context
data.
Ken Raeburn [Fri, 14 Jan 2005 03:19:39 +0000 (03:19 +0000)]
More paranoid checking...
* k5-thread.h (k5_os_mutex) [pthread case]: Add new field "owner" if
DEBUG_THREADS.
(k5_pthread_mutex_lock, k5_pthread_mutex_unlock, k5_pthread_assert_locked): New
macros/functions; if DEBUG_THREADS, set or check the owner field.
(K5_OS_MUTEX_PARTIAL_INITIALIZER) [pthread case && DEBUG_THREADS]: Set the
owner field. If PTHREAD_ERRORCHECK_MUTEX_INITIALIZER_NP is defined, use it.
(k5_os_mutex_lock, k5_os_mutex_unlock, k5_os_mutex_assert_locked) [pthread
case]: Use k5_pthread_ versions.
(k5_mutex_destroy): Update the location data with the mutex locked, before
destroying it.
(k5_mutex_unlock): Update the location data while the mutex is still locked,
and check the assertion that the mutex really is locked. Convert inline
function to macro.
Jeffrey Altman [Thu, 13 Jan 2005 11:51:30 +0000 (11:51 +0000)]
correction to previous commit. do not call krb5_gss_release_cred()
if the cred was not acquired. destroy each field of the cred one
piece at a time based upon what was allocated.
Ken Raeburn [Wed, 12 Jan 2005 18:24:44 +0000 (18:24 +0000)]
* default.exp (start_tail): New proc. Handles GNU tail race condition with
less delay than the old code that was in start_kerberos_daemons.
(start_kerberos_daemons): Call start_tail for both log files.
Ken Raeburn [Wed, 12 Jan 2005 01:06:04 +0000 (01:06 +0000)]
* gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Free credentials retrieved from
ccache before returning. Based on patch from fumihiko kakuma
<kakuma@valinux.co.jp>. Also whitespace changes for readability.
Ken Raeburn [Sun, 9 Jan 2005 06:03:56 +0000 (06:03 +0000)]
* k5-thread.h (KRB5_CALLCONV, KRB5_CALLCONV_C): Define if not defined.
(krb5int_mutx_lock_update_stats, krb5int_mutex_unlock_update_stats,
krb5int_mutex_report_stats) [!DEBUG_THREADS_STATS]: Declare, with KRB5_CALLCONV.
(k5_debug_make_loc): Change "lineno" to type int.
(k5_debug_make_loc): Likewise for argument "line".
Jeffrey Altman [Wed, 5 Jan 2005 07:51:46 +0000 (07:51 +0000)]
Add new function krb5_boolean krb5_is_thread_safe(void) to library.
This function simply reports whether or not ENABLE_THREADS was specified
at compile time. It is meant to be used by applications which need to
know whether or not multithread libraries must be initialized OR
whether or not calls to Kerberos library functions from multi-threaded
applications must be protected by an application global mutex.
Ken Raeburn [Mon, 3 Jan 2005 19:30:18 +0000 (19:30 +0000)]
krb5_parse_name not thread-safe, not responsive to environment changes
As Ezra noted, krb5_parse_name saves away the default realm the first
time it looks it up, and will never look it up again, even if the
config file has changed, the context isn't the same one, etc. It also
used a static variable which wasn't thread-safe.
With this patch, we still won't catch changes in the config file
specification after the default realm has been looked up for a given
krb5_context, because it's cached in the context too, but this will at
least be more responsive, and thread safe.
* parse.c (krb5_parse_name): Don't cache the default realm name.
Ken Raeburn [Thu, 30 Dec 2004 22:08:18 +0000 (22:08 +0000)]
run "make depend"
In most library directories, this just affects where the line breaks
are. In most other directories, it's just dropping a trailing blank
line. One or two files really do have updated dependencies.
Ken Raeburn [Thu, 30 Dec 2004 22:05:12 +0000 (22:05 +0000)]
Do the target object file name hacking in "make depend" earlier, before the
line breaks are recomputed, instead of after. This will result in lots of
whitespace changes in dependencies in directories that build library object
files, but the final output is nicer (fewer long lines), and running "make
depend" uses one fewer invocation of sed (balancing out the extra one I added
in another checkin earlier today).
* config/post.in (.depend): Don't do target name munging here.
(.depfix2.sed): Pass extra value $(STLIBOBJS).
* util/depfix.sed: Don't change foo.o to $(OUTPRE)foo.$(OBJEXT) here.
* util/depgen.sed: Add new argument for STLIBOBJS. Do the OUTPRE/OBJEXT
substitution here, and if STLIBOBJS is non-empty, add foo.so and foo.po while
we're at it.
Ken Raeburn [Thu, 30 Dec 2004 21:12:41 +0000 (21:12 +0000)]
* post.in (.depend): Delete blank lines in generated file.
(DEP_CFG_VERIFY, DEP_VERIFY, depend-verify-*, .depend-verify-*, .depfix2.sed):
Move all the flag files to $(BUILDTOP) so there'll be only one of each.
Ezra Peisach [Sat, 25 Dec 2004 15:29:39 +0000 (15:29 +0000)]
Memory leaks in ccache due to thread integration
* cc_file.c (krb5_fcc_close): Free the cache id.
(dereference): When removing fcc_set entry from list, free the
pointer as well.
The first was accidently dropped in the dereference code writing.
The cache id pointer is never freed.
The second error is the removal of the krb5_fcc_data from the linked list.
The fcc_set is removed from the chain, but the memory for the removed fcc_set
is never freed.
Ken Raeburn [Fri, 17 Dec 2004 23:58:47 +0000 (23:58 +0000)]
can't build shared libraries on sparc64-netbsd
Current trunk code fails to build shared libraries on sparc64-netbsd
because the generated relocations with -fpic don't have the range
necessary. In general, any platform with sparc support that we want
to build for should use -fPIC instead of -fpic, with gcc. (I haven't
checked whether openbsd or freebsd support sparc these days; I think
they're the only ones in our shlib.conf that we might care about.)
* shlib.conf (*-*-netbsd*): Use -fPIC instead of -fpic, which won't work on
sparc64 at least.
Jeffrey Altman [Thu, 16 Dec 2004 19:57:17 +0000 (19:57 +0000)]
2004-12-16 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c:
Temporarily deactivate support for KerbSubmitTicketMessage
and KerbQueryTicketCacheEx2Message until the new Platform SDK
becomes publicly available.
Jeffrey Altman [Wed, 15 Dec 2004 08:25:28 +0000 (08:25 +0000)]
2004-12-15 Jeffrey Altman <jaltman@mit.edu>
* cc_mslsa.c:
- Activate support for KerbSubmitTicketMessage
- Activate support for KerbQueryTicketCacheEx2Message
- Add locale support for regions which use MultiByte characters
projects / thirdparty / krb5.git / log
