Changed GSSAPI opaque types (gss_name_t, gss_cred_id_t, gss_ctx_id_t) from
void* to pointers to opaque structs. This change removed some casts and
introduced or changed a bunch of other casts to suppress warnings.
krb5_gss_accept_sec_context(): Fixed a bug found by the above changes
where krb5_gss_release_cred() was being called with the wrong argument 2
(gss_cred_id_t instead of gss_cred_id_t*).
KFW integrated login was failing when the user is
not a power user or administrator. This was occurring
because the temporary file ccache was being created in
a directory the user could not read. While fixing this
it was noticed that the ACLs on the ccache were too broad.
Instead of applying a fix to the FILE: krb5_ccache
implementation it was decided that simply applying a new
set of ACLs (SYSTEM and "user" with no inheritance) to
the file immediately after the krb5_cc_initialize() call
would close the broadest security issues.
The file is initially created in the SYSTEM %TEMP% directory
with "SYSTEM" ACL only. Then it is moved to the user's %TEMP%
directory with "SYSTEM" and "user" ACLs. Finally, after
copying the credentials to the API: ccache, the file is deleted.
acquire_cred(), kg_caller_provided_ccache_name(): On further reflection
and testing the correct thing appears to be to have gss_krb5_ccache_name()
stop gss_acquire_cred() from searching for the desired name in the cache
collection. If the caller sets the ccache name then gss_acquire_cred will only
look in that ccache. Added kg_caller_provided_ccache_name() to tell whether
or not the caller has actually set the ccache. This should fix the problem for
both Mac OS X and Windows.
Ken Raeburn [Wed, 19 Jul 2006 16:14:57 +0000 (16:14 +0000)]
need to look harder for tclConfig.sh
Our current scheme doesn't find tclConfig.sh as installed by NetBSD's
pkg system, even if it finds tclsh and gets the library pathname from
it. The problem is that tclConfig.sh is one directory up.
* aclocal.m4 (AC_KRB5_TCL_FIND_CONFIG): Check $tcl_dir/.. for tclConfig.sh.
acquire_cred(): Realized that my previous patch now basically favors the
ccache over the desired name. Added a KLL function to search for the
desired name, favoring the default ccache.
This commit corrects errors in the Wix installer script
files that violate the Wix schema but which were not
caught by earlier releases of the Wix 2.0 installer.
Ken Raeburn [Tue, 18 Jul 2006 00:40:19 +0000 (00:40 +0000)]
Merge remaining changes from LDAP integration branch
svn+ssh://svn.mit.edu/krb5/branches/ldap-integ@18333.
* plugins/kdb/ldap: New directory.
* aclocal.m4 (WITH_LDAP): New macro.
(CONFIG_RULES): Invoke it.
* configure.in: Test ldap option, maybe configure and generate makefiles for
new directories, and set and substitute ldap_plugin_dir.
* Makefile.in (SUBDIRS): Add @ldap_plugin_dir@.
* lib/kdb/kdb5.c (kdb_load_library): Put more info in error message.
* lib/kadm5/admin.h (KADM5_CPW_FUNCTION, KADM5_RANDKEY_USED,
KADM5_CONFIG_PASSWD_SERVER): New macros, disabled for now.
(struct _kadm5_config_params): New field kpasswd_server, commented out for now.
* lib/krb5/error_tables/kdb5_err.et: Add error codes KRB5_KDB_ACCESS_ERROR,
KRB5_KDB_INTERNAL_ERROR, KRB5_KDB_CONSTRAINT_VIOLATION.
Cleaned up CCAPI v3 code to remove memory leaks. Fixed crashes in
cc_ccache <-> krb5_ccache translation code. Still testing edge cases but
the code seems to work now with the KfM CCAPI implementation.
Ken Raeburn [Fri, 30 Jun 2006 23:22:32 +0000 (23:22 +0000)]
test kdb5_util dump/load functionality in dejagnu
This new test just dumps and reloads the database. It doesn't examine
the resulting database, but kinit and other tests are run after it,
using the reloaded database.
* standalone.exp (dump_and_reload): New proc.
(doit): Invoke it.
Ken Raeburn [Fri, 30 Jun 2006 21:05:21 +0000 (21:05 +0000)]
* kdb_db2.c: Don't include kdb_compat.h.
(OLD_COMPAT_VERSION_1): Don't define.
(krb5_db2_db_create): For temporary db, use different names for all files.
(krb5_db2_open, krb5_db2_create, krb5_db2_destroy): Fix check for "temporary"
in supplied db_args.
(krb5_db2_db_rename): New function, restored from pre-DAL code and hacked up
a lot to mostly work.
(krb5_db2_promote_db): New function.
* db2_exp.c: Add promote_db entry.
Tom Yu [Fri, 30 Jun 2006 05:59:46 +0000 (05:59 +0000)]
* src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache):
Oops, krb5_rc_close actually does free rcache, so actually do null
rcache on error from krb5_rc_recover_or_initialize. Thanks to
Shawn Emery for noticing.
Tom Yu [Fri, 30 Jun 2006 03:57:20 +0000 (03:57 +0000)]
* src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache): Adapted
patch from Shawn Emery to set rcache = 0 in case of
krb5_rc_resolve_full failure because krb5_rc_resolve_full frees
but doesn't null rcache. Also restore free of rcache in cleanup
code. Continue to not null rcache in failure on
krb5_rc_recover_or_initialize because krb5_rc_close doesn't free
rcache.
Ken Raeburn [Thu, 29 Jun 2006 23:51:55 +0000 (23:51 +0000)]
* kdb5_util.c (add_db_arg): New function.
(main): Use it.
* kdb5_util.h (add_db_arg): Declare it.
* kdb5_create.c (kdb5_create): Use it.
* dump.c (load_db): Use it.
Tom Yu [Thu, 29 Jun 2006 22:12:19 +0000 (22:12 +0000)]
re-order inclusions in spnego_mech.c to avoid breaking system headers
* src/lib/gssapi/spnego/spnego_mech.c: Move inclusion of
gssapiP_spnego.h to after mglueP.h. mglueP.h includes
k5-thread.h, which pulls in the pthread headers, which on at least
some Tru64 versions is vulnerable to definitions of non-reserved
macro names such as CONTEXT, which is defined in
gssapiP_spnego.h.
ticket: new
tags: pullup
target_version: 1.5
version_reported: 1.5
component: krb5-build
Ken Raeburn [Thu, 29 Jun 2006 21:29:03 +0000 (21:29 +0000)]
* lib/gssapi/Makefile.in: Merge the new target into the existing
target list with generated headers mostly in subdirectories, which
happens to be inside a "##DOS##!if 0" block, since the all-recurse
target isn't defined for Windows.
Ezra Peisach [Thu, 29 Jun 2006 13:26:42 +0000 (13:26 +0000)]
Makefile.in: Change T_STD_CONF_OBJS to only list t_std_conf.o and pull in the
rest from libkrb5. This fixes the problem of linking in init_os_ctx.o which
was trying to use the private copy_profile() that was not exported.
Also - updated dependencies - init_os_ctx.c now includes prof-int.h...
Ken Raeburn [Thu, 29 Jun 2006 01:42:42 +0000 (01:42 +0000)]
check calling conventions specified for Windows
When we're making changes on UNIX, sometimes we update the Windows
export list but forget to make sure we've annotated the function
declaration in the header file with a calling convention
specification.
This patch checks the krb5 and gssapi public headers against the
Windows export lists (which are annotated with calling-convention and
other info in comments), and flags any inconsistencies in public
interfaces.
* util/def-check.pl: Be quiet about normal stuff by default; accept a
"-v" option to be verbose. Exit with non-zero status if something
wrong is detected. Fix some problems in parsing gssapi header files.
Handle DECSCRIPTION and HEAPSIZE directives in .def files, and DATA
annotation in comments.
* include/Makefile.in (verify-calling-conventions-krb5): New target.
(all-unix): Depend on it in maintainer mode.
* lib/gssapi/Makefile.in (verify-calling-conventions-gssapi): New target.
(all-unix): Depend on it in maintainer mode.
(merged-gssapi-header.h): New target; assemble public headers into one input
file.
(clean-misc-unix): New target; delete merged-gssapi-header.h.
(clean-unix): Depend on it.
Jeffrey Altman [Wed, 28 Jun 2006 23:00:09 +0000 (23:00 +0000)]
cc_mslsa.c: The WOW64 environment on 64-bit versions of
Windows prior to Vista Beta 2 did not implement the Lsa
functions used by the MSLSA: ccache. This patch disables
the MSLSA: ccache in broken WOW64 environments by checking
the Windows version and the existence and response of the
IsWow64Process API.
Ken Raeburn [Wed, 28 Jun 2006 05:31:52 +0000 (05:31 +0000)]
allow multiple calls to krb5_get_error_message to retrieve message
(krb5int_get_error): Don't discard old message if the error codes don't match.
Try a little harder not to keep messages in the scratch buffer. Return a copy
of the message, or "out of memory" in the scratch buffer.
(krb5int_vset_error): Try a little harder not to keep messages in the scratch
buffer.
Ken Raeburn [Wed, 28 Jun 2006 05:18:38 +0000 (05:18 +0000)]
implement symbol export restrictions for Solaris
* lib.in (solaris.versions): New target. Currently no version id, just a
symbol list.
* libnover.in (solaris.versions): New target.
(clean-libs): Delete it.
* shlib.conf (*-*-solaris*): Use solaris.versions as map file.
(clean-libs): Delete it.
Ken Raeburn [Tue, 27 Jun 2006 00:00:03 +0000 (00:00 +0000)]
Revise comment on when we should switch from writing back to reading
on a TCP stream. (We don't currently, ever, and we probably should
eventually, but sometimes closing the connection is required.)
Ken Raeburn [Mon, 26 Jun 2006 23:47:03 +0000 (23:47 +0000)]
* kdc/network.c (make_toolong_error): New function.
(process_tcp_connection): If the specified length exceeds the internal limit,
stop reading and send back a FIELD_TOOLONG error.
* tests/dejagnu/krb-standalone/standalone.exp (doit): When testing TCP mode,
connect to the KDC and send a length of -1, and check that it sends back a
non-empty message.
Jeffrey Altman [Sun, 25 Jun 2006 19:21:41 +0000 (19:21 +0000)]
NetIDMgr updates
* add scrollbars to option tree pane in configuration dialog
* convert to using Microsoft's safe string library both to ensure
safe string manipulation and to avoid deprecation warnings
* disable deprecation warnings for Platform SDK header shlwapi.h
which cannot otherwise be compiled
* add kerberos 5 kvno property to tickets. display in properties
dialog and main window if column selected by user
* improve manifest handling in order to support both manifests
generated by the compiler and those hand crafted in order to
specify the correct versions of the custom control libraries.
* update khimaira message types and credential acquisition
documentation
Ken Raeburn [Sat, 24 Jun 2006 02:39:52 +0000 (02:39 +0000)]
Fix krb5_get_profile to create a new profile duplicating the list of
files from the one in the provided context, instead of constructing
and checking the file list from scratch. Uses a new function in the
profile library, not put into the public API yet.
* util/profile/prof_init.c (profile_copy): New function.
* util/profile/prof_int.h (profile_copy): Declare it.
* lib/krb5/os/Makefile.in (LOCALINCLUDES): Look in the profile source dir.
* lib/krb5/os/init_os_ctx.c (krb5_get_profile): Replace all the previous code
with a call to profile_copy.
Tom Yu [Thu, 22 Jun 2006 22:23:02 +0000 (22:23 +0000)]
* src/lib/krb5/krb/srv_rcache.c (krb5_get_server_rcache): Apply
patch from Rainer Weikusat to avoid double-free when
rc_resolve_full() fails due to misconfiguration.
Tom Yu [Thu, 22 Jun 2006 21:31:15 +0000 (21:31 +0000)]
* src/lib/kadm5/ovsec_glue.c:
* src/lib/kadm5/unit-test/init-test.c:
* src/lib/kadm5/unit-test/iter-test.c:
* src/lib/kadm5/unit-test/lock-test.c: Include string.h to avoid
implicit definitions. Patch from Michael Calmer.
Ken Raeburn [Thu, 22 Jun 2006 19:18:19 +0000 (19:18 +0000)]
(clean-unix): Use DEPTARGETS_CLEAN instead of DEPTARGETS.
(DEPTARGETS_CLEAN, DEPTARGETS_@top_srcdir@_.): New targets; define so that
DEPTARGETS_CLEAN has the DEP_VERIFY targets only at the top level.
Sam Hartman [Thu, 22 Jun 2006 18:43:20 +0000 (18:43 +0000)]
r18022@luminous: jaltman | 2006-05-19 05:18:37 -0400
Updates of portable CCAPI sources. All code compiles.
r18025@luminous: jaltman | 2006-05-20 23:48:39 -0400
Construct an outline of a sample platform specific main.c
Add ccs_serv_cleanup() routine. Currently does nothing.
Correct field names used within the authorization check.
r18026@luminous: jaltman | 2006-05-22 02:25:43 -0400
More byte order conversions in the server operations code.
r18027@luminous: jaltman | 2006-05-22 13:12:49 -0400
Source files containing common routines used by both
the client and the server.
r18028@luminous: jaltman | 2006-05-22 13:17:07 -0400
Move msg.c and marshall.c to common library.
Add dllmain.c which contains the Windows DllMain() entry
point. This must be moved later to a Windows specific
directory.
Cleanup type usage and function name references.
All that is missing now from the client DLL is a definition
of cci_perform_rpc() which is the entry point to the IPC
routine.
r18029@luminous: jaltman | 2006-05-22 13:18:27 -0400
Move generic list functions to common/generic_lists.c
so they can be used by both the client dll and the server.
r18094@luminous: jaltman | 2006-06-09 10:42:04 -0400
* corrections to windows rpc layer
* corrections to network byte order conversions
r18095@luminous: lxs | 2006-06-09 17:46:24 -0400
cci_msg_retrieve_blob(): changed argument 4 from void** to char**
to suppress the warnings from gcc.
r18096@luminous: lxs | 2006-06-09 17:55:32 -0400
moved enum cc_list_type to generic_lists.h to avoid "incomplete enum"
warnings when compiling generic_lists.c
r18097@luminous: lxs | 2006-06-09 17:56:15 -0400
Removed ancient Metrowerks tests from public headers.
r18098@luminous: lxs | 2006-06-09 17:57:20 -0400
Include string.h to get memcpy, strlen, etc on BSD OSes.
r18099@luminous: lxs | 2006-06-09 17:59:36 -0400
Added Mac OS X project file and Mach-IPC support code
r18193@luminous: jaltman | 2006-06-22 12:57:14 -0400
This commit updates lib/krb5/ccache/ccapi to support CCAPI Version 3
and above. Specify -DUSE_CCAPI_V3=1 when compiling to use CCAPI Version 3
r18194@luminous: jaltman | 2006-06-22 12:58:37 -0400
Fix parameter name in cc_credentials_iterator_t next()
projects / thirdparty / krb5.git / log
