Tom Yu [Sun, 2 May 1999 22:58:37 +0000 (22:58 +0000)]
* kdc_util.c (kdc_process_tgs_req): If not using the reply cache,
properly handle a failure return from
krb5_rd_req_decode_anyflag().
[pullup from trunk]
Tom Yu [Sat, 24 Apr 1999 03:17:04 +0000 (03:17 +0000)]
* update_utmp.c (pty_update_utmp): utx.ut_pid is a pid_t, and
ent.ut_pid is sometimes a short; accordingly, use pid rather than
ent.ut_pid, which might have gotten truncated. This fixes an Irix
problem found by <rbasch@mit.edu>.
Tom Yu [Fri, 23 Apr 1999 20:03:22 +0000 (20:03 +0000)]
* update_wtmp.c: Don't use updwtmpx() even if it exists for glibc
2.1, since it's the same as updwtmp(), and glibc doesn't
define PATH_WTMPX. updwtmpx() is not part of the XPG
standard anyway. (Needed for RedHat 6.0.)
[pullup from trunk]
wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix wrap_size limit so
that it correctly calculates its results, and underestimates the
correct size instead of overestimating it, and not returning zero all
the time. (Which it used to do after the March 25 fix.)
Tom Yu [Wed, 21 Apr 1999 19:37:15 +0000 (19:37 +0000)]
* configure.in: Check for setupterm() in libncurses in addition to
libcurses. Only set STREAMSPTY if both grantpt and
sys/streams.h exists. (Will be needed for Linux/Redhat 6.0)
[pullup from trunk]
Tom Yu [Sun, 28 Mar 1999 21:56:03 +0000 (21:56 +0000)]
* update_utmp.c (pty_update_utmp): If the ut_exit differs test
indicates the structures differ, and we don't have a special case,
do nothing rather than trying to copy the field. It's not worth
breaking the build over.
[pullup from trunk]
Theodore Tso [Sat, 27 Mar 1999 03:51:24 +0000 (03:51 +0000)]
[ Pullup to 1.0 branch]
acquire_cred.c (krb5_gss_acquire_cred): Don't use strcmp to compare
against principal components (they aren't null terminated!)
gssapi_krb5.c: Rearrange OID's so that the V1V2 mechanism set returns
all three mechanism ID's recognized by this implementation, with the
RFC1964 OID first (and thus preferred).
import_sec_context.c (krb5_gss_convert_static_mech_oid): Make the old
convert_static_oid() function globally accessible with a namespace
compliant name, since init_sec_context() needs to be able to use this
function.
indicate_mechs.c (krb5_gss_indicate_mechs): Return the both mechanism
set OID, since we should return all the mechanisms that we support.
init_sec_context.c (krb5_gss_init_sec_context): Make ctx->mech_used
use a static OID, since it is returned by gss_inquire_context which
must return a static OID.
wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix bug where we would
overestimate the size of the allowable input message by one byte,
because we weren't passing the right estimate of the wrapped data to
g_token_size().
gssapi_krb5.c, gssapi_krb5.h: Export the oid of static arrays as
krb5_gss_oid_array since it's needed by gss_import_sec_context.
import_sec_context.c: Fix up the OID of the mechanism in the imported
security context so that we use the static OID if at all possible.
This is needed since gss_inquire_context() must return a static OID.
inq_names.c (krb5_gss_inquire_names_for_mech): Add the the new OID
value for the host-based service name and the exported name OID to the
list of OID's supported by this mechanism.
import_name.c (krb5_gss_import_name): Add support for the new OID
value for the host-based service name.
krb5_gss_glue.c: Add GSSAPI V2 calls to the glue layer.
import_name.c (krb5_gss_import_name): Add support for importing the
exported name call
Makefile.in: Add canon_name.c, duplicate_name.c, export_name.c to the
GSSAPI library.
canon_name.c (krb5_gss_canonicalize_name): New GSSAPI V2 function
duplicate_name.c (krb5_gss_duplicate_name): New GSSAPI V2 function
export_name.c (krb5_gss_export_name): New GSSAPI V2 function
gssapiP_krb5.h (KG_IMPLFLAGS): Add support for GSS_C_PROT_STATE_READY
and GSS_C_TRANS_FLAG
Theodore Tso [Sat, 27 Mar 1999 03:16:01 +0000 (03:16 +0000)]
[ Pullup from mainline ]
util_buffer.c (g_make_string_buffer): Don't include the trailing NULL
of the string in the gss buffer's length.
util_ordering.c (g_order_free):
rel_oid_set.c (generic_gss_release_oid_set):
disp_major_status.c: General lint cleanup.
util_oid.c (g_copy_OID_set): Copy the OID set with entirely dynamic
memory (don't alias the contents of the OID set).
disp_major_status.c (g_display_major_status): Fix a typo in previous.
disp_major_status.c (display_unknown): Change to not return
GSS_S_CONTINUE_NEEDED, per the standard C bindings specification.
gssapi_generic.c: Add support for the new OID value for host-based
service name.
gssapi_generic.c, gssapi_generic.h: Added definition for the generic
gsspi OID type "gss_nt_exported_name".
gssapi.hin: Add the GSS_C_PROT_READY_FLAG and GSS_C_TRANS_FLAG Add
prototypes for the V2 functions gss_export_name(),
gss_duplicate_name(), and gss_canonicalize_name().
Tom Yu [Fri, 26 Mar 1999 04:16:56 +0000 (04:16 +0000)]
* ftpd.c (login): Check that the luid is not the uid we want to
change to prior to calling setluid() so that we can run as
non-root.
[pullup from trunk]
Tom Yu [Wed, 24 Mar 1999 22:22:36 +0000 (22:22 +0000)]
* ftpcmd.y (urgsafe_getc): New function; like getc() except it
retries once if SIOCATMARK returns TRUE.
(getline): Use urgsafe_getc() rather than getc() to avoid problems
with certain Mac clients that cause the urgent pointer to end up
in a location that results in EOF from getc().
[pullup from trunk]
Tom Yu [Mon, 22 Mar 1999 22:01:11 +0000 (22:01 +0000)]
* g_cnffile.c: Use krb5__krb4_context instead of init'ing and
free'ing a krb5_context each time we need to read data
from the configuration file. We also define
krb5__krb4_context in g_cnnfile.c, since it's a likely
that any use of the krb4 library will pull in that file.
Tom Yu [Tue, 9 Mar 1999 03:42:46 +0000 (03:42 +0000)]
* sendauth.c (krb5_sendauth): Set credspout to NULL if it's
destined to be returned to avoid freeing it. Also,
unconditionally free credspout if it's non-NULL so that if someone
doesn't pass in a ticket and doesn't give us a non-NULL out_creds,
we don't leak it. [krb5-libs/699]
[pullup from trunk]
Tom Yu [Fri, 5 Mar 1999 22:00:51 +0000 (22:00 +0000)]
* replay.c (kdc_check_lookaside):
(kdc_insert_lookaside): Add code to originating address of packet,
as krb4 initial ticket requests don't contain an address. This
would cause a subtle problem wherein two simultaneous krb4 initial
ticket requests for the same principal originating from different
addresses would result in both replies containing the same
address.
* kdc_util.h: Modify prototype for lookaside functions.
* dispatch.c (dispatch): Update to new calling conventions of the
lookaside functions.
[pullup from trunk]
Tom Yu [Fri, 5 Mar 1999 03:46:17 +0000 (03:46 +0000)]
* krshd.c (doit): Apply ghudson's patch so that rshd passes the
port numbers for the local and foreign addresses so that
the V4 encrypted RCP will work correctly. [krb5-appl/638]
* v4rcp.c (answer_auth): Apply ghudson's patch so that if
KRB5LOCALPORT and KRB5REMOTEPORT are set, use them to set
the foreign and local ports so that encrypted rcp for the
same machine. [krb5-appl/638]
[pullup from trunk]
Tom Yu [Fri, 5 Mar 1999 03:17:49 +0000 (03:17 +0000)]
* krb5.tex (krb5_mk_safe): Fix reference to a non-existent flag.
(KRB5_AUTH_CONTEXT_DO_TIME_NOTIME should have been
KRB5_AUTH_CONTEXT_DO_TIME). [krb5-doc/528]
[pullup from trunk]
Tom Yu [Tue, 2 Mar 1999 02:28:31 +0000 (02:28 +0000)]
* ovsec_kadmd.c (log_badverf): Actually make a real lookup table
for procedure numbers. Also, if we don't find the procedure
number, just log the number rather than falling off the end of an
array.
[pullup from trunk and slightly backported]
Tom Yu [Fri, 26 Feb 1999 04:40:56 +0000 (04:40 +0000)]
* ftpd.c (reply): Don't call secure_gss_error() or secure_error()
from within reply() to avoid setting up an infinite
loop. [krb5-appl/684]
[pullup from trunk]
Tom Yu [Fri, 26 Feb 1999 04:17:45 +0000 (04:17 +0000)]
* secure.c (secure_putbuf): Revert Sam's last change; if
FUDGE_FACTOR is wrong, then badness can happen. Also, if
out_buf.length != nbytes+FUDGE_FACTOR, heap corruption could
happen. We really should be using gss_wrap_size_limit() or
something like that, but doing so would require substantial
amounts of reworking. [krb5-appl/685]
[pullup from trunk]
Tom Yu [Thu, 25 Feb 1999 23:57:08 +0000 (23:57 +0000)]
* tf_util.c (tf_init): Add call to getuid() to initialize me
* tf_util.c (tf_init): Fixed a potential race condition in the opening
of v4 ticket files. tf_init() was calling lstat() followed by fopen().
Now it calls fopen() and then calls lstat() and fstat() to check file
ownership and to check that it opened the file it thought it did. I
patched the shared memory code similarly, but since nothing uses it I
don't have a good way to test it properly.
[pullup from trunk]
Tom Yu [Tue, 23 Feb 1999 03:36:38 +0000 (03:36 +0000)]
* kcmd.c (kcmd): Fix up to not call sname_to_principal until after
all the addresses in hp have been iterated through to avoid
smashing. [krb5-appl/516]
[pullup from trunk]
Tom Yu [Sat, 20 Feb 1999 03:08:44 +0000 (03:08 +0000)]
* wrap_size_limit.c (krb5_gss_wrap_size_limit): Fix to round down
by 8 even if the req_output_size-ohlen is a multiple of 8, since
the wrap token is always padded regardless of whether it's a
mutiple of 8 bytes.
[pullup from trunk]
Tom Yu [Sat, 20 Feb 1999 02:34:19 +0000 (02:34 +0000)]
* ftpcmd.y (cmd): Don't allow the PORT command to accept a port
number lower than 1024; this prevents some nasty ftp
"bounce attacks" to SMTP ports, etc.
Tom Yu [Thu, 18 Feb 1999 00:47:13 +0000 (00:47 +0000)]
* klogind.M: Document things a little better, including new
options controlling hostname manipulation.
* krlogind.c: Make use of pty_make_sane_hostname() for purposes of
manipulating hostname to pass to login. Also unconditionally
syslog IP address and full hostname of remote host. Add command
line options to control such behavior.
* configure.in: Add arpa/nameser.h to CHECK_HEADERS.
Tom Yu [Fri, 4 Dec 1998 00:45:04 +0000 (00:45 +0000)]
* asn1_k_decode.c (asn1_decode_krb5_flags): Modify to deal with
BIT STRING values that are not exactly 32 bits. Throw away bits
beyond number 31 in a bit string for now. Deal with masking out
unused bits.
[pullup from trunk]
Tom Yu [Wed, 2 Dec 1998 00:23:32 +0000 (00:23 +0000)]
* asn1buf.c (asn1buf_sync): interoperation testing against heimdal
revealed a bug. if extra fields are present in a SEQUENCE, they
are not ignored and skipped. This caused the decoder to get out
of sync.
[pullup from trunk]
Tom Yu [Fri, 11 Sep 1998 16:27:14 +0000 (16:27 +0000)]
* prof_tree.c (profile_delete_node_relation): Fix bug where
deleting a node would corrupt the linked list.
(profile_add_node): Fix another linked list corruption
problem where an insertion into the middle of the linked
list didn't update a previous link. [krb5-libs/615]
[pullup from trunk]
Tom Yu [Fri, 11 Sep 1998 16:00:47 +0000 (16:00 +0000)]
* ftp.c (getreply): Restore proper setting of safe. This variable
was previously being set to the value of code rather than to the
boolean expression (code == 631), which it had been previously.
The bug resulted in all replies from the server being parsed as
krb_safe messages even when they were krb_priv messages.
[pullup from trunk]
Tom Yu [Fri, 11 Sep 1998 15:49:07 +0000 (15:49 +0000)]
* krcp.c (error): Don't call rcmd_stream_write if iamremote is not
set, because it expects a valid file descriptor [krb5-appl/359].
Also, remove mistakenly duplicated comment above the function.
* krlogin.c (main): Apply ghudson's patch so that rlogin -a
no longer dumps core. [krb5-appl/612]
* login.c: Replace strcpy with strncpy in places. Add nul
termination to some existing invocations of strncpy.
[pullups from trunk]
Tom Yu [Thu, 10 Sep 1998 23:29:29 +0000 (23:29 +0000)]
* chk_trans.c: Fix up previous fix; short-circuit out when
trans->length == 0.
* chk_trans.c (krb5_check_transited_list): Fix use of an
uninitialized variable; apparently the code was depending
on the stack garbage being non-zero(!)
[pullup from trunk]
Tom Yu [Wed, 22 Apr 1998 00:39:59 +0000 (00:39 +0000)]
* configure.in: Add CHECK_SIGNALS and CHECK_SETJMP to help with
changes in ftpd.c.
* ftpd.c (receive_data):
(send_data): Add support for sigsetjmp().
(main): Use sigaction() if we can to avoid SysV lossage.
(send_file_list): Oops missed a sigsetjmp() call.
(send_data): Add call to secure_flush() to send a zero length
buffer when aborting.
(send_file_list): Add call to secure_flush() to send a zero length
buffer when aborting.
* ftpcmd.y (PBSZ): Remove restriction on shrinking buffer size.
* ftpcmd.y: Add production "nonguest" to catch things that
anonymous users aren't supposed to do. Replace "check_login" with
"nonguest" in a few places to prevent w4r3z d00dz from being
lame with world-writable incoming directories.
Tom Yu [Wed, 22 Apr 1998 00:38:37 +0000 (00:38 +0000)]
* secure.c (secure_putbyte): Set nout = 0 *before* calling
secure_putbuf: if the transfer is aborted, the SIGURG handler will
longjmp out, so the line after the secure_putbuf will never get
executed, so nout would never be reset and the next transfer
would overrun ucbuf.
projects / thirdparty / krb5.git / log
