From: Joseph Sutton Date: Wed, 1 Nov 2023 22:24:35 +0000 (+1300) Subject: third_party/heimdal: Import lorikeet-heimdal-202311012221 (commit 87159bd32148be80a0d... X-Git-Tag: talloc-2.4.2~888 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c2fe72fb213fc4d281715f755886a97b1cd0d39d;p=thirdparty%2Fsamba.git third_party/heimdal: Import lorikeet-heimdal-202311012221 (commit 87159bd32148be80a0d9bfc984db481e4a0f2831) Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/third_party/heimdal/kdc/pkinit.c b/third_party/heimdal/kdc/pkinit.c index 88aa2887fb7..d97ae227ae6 100644 --- a/third_party/heimdal/kdc/pkinit.c +++ b/third_party/heimdal/kdc/pkinit.c @@ -111,7 +111,7 @@ pk_check_pkauthenticator_win2k(krb5_context context, static krb5_error_code pk_check_pkauthenticator(krb5_context context, - PKAuthenticator *a, + const PKAuthenticator *a, const KDC_REQ *req) { krb5_error_code ret; @@ -1509,7 +1509,7 @@ _kdc_pk_mk_pa_reply(astgs_request_t r, pk_client_params *cp) if (ret) { close(fd); kdc_log(r->context, config, 0, - "PKINIT failed to stat ocsp data %d", ret); + "PKINIT failed to allocate ocsp data %d", ret); goto out_ocsp; } ocsp.data.length = sb.st_size; @@ -1649,8 +1649,12 @@ match_ms_upn_san(krb5_context context, goto out; if (list.len != 1) { - kdc_log(context, config, 0, - "More than one PKINIT MS UPN SAN"); + if (list.len) + kdc_log(context, config, 0, + "More than one PKINIT MS UPN SAN"); + else + kdc_log(context, config, 0, + "No PKINIT MS UPN SAN"); ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; goto out; } @@ -1662,7 +1666,7 @@ match_ms_upn_san(krb5_context context, } if (size != list.val[0].length) { free_MS_UPN_SAN(&upn); - kdc_log(context, config, 0, "Trailing data in "); + kdc_log(context, config, 0, "Trailing data in MS UPN SAN"); ret = KRB5_KDC_ERR_CLIENT_NAME_MISMATCH; goto out; } @@ -2139,7 +2143,7 @@ krb5_kdc_pk_initialize(krb5_context context, NULL, NULL); if (ret) { - krb5_warn(context, ret, "PKINIT: "); + krb5_warn(context, ret, "PKINIT: failed to load ID"); config->enable_pkinit = 0; return ret; } diff --git a/third_party/heimdal/kuser/kinit.c b/third_party/heimdal/kuser/kinit.c index a5e00c94339..d5410df05c2 100644 --- a/third_party/heimdal/kuser/kinit.c +++ b/third_party/heimdal/kuser/kinit.c @@ -1744,7 +1744,7 @@ main(int argc, char **argv) pk_anon_fast_armor = 0; } else if (argc && argv[0][0] == '@' && (gss_preauth_mech || anonymous_flag)) { - const char *instance; + const char *instance = NULL; if (gss_preauth_mech) { instance = KRB5_FEDERATED_NAME; diff --git a/third_party/heimdal/lib/hcrypto/rsa-ltm.c b/third_party/heimdal/lib/hcrypto/rsa-ltm.c index 49e35f5a38a..aec51da757a 100644 --- a/third_party/heimdal/lib/hcrypto/rsa-ltm.c +++ b/third_party/heimdal/lib/hcrypto/rsa-ltm.c @@ -167,7 +167,7 @@ ltm_rsa_public_encrypt(int flen, const unsigned char* from, unsigned char* to, RSA* rsa, int padding) { unsigned char *p = NULL, *p0 = NULL; - size_t size, ssize, padlen; + size_t size, ssize = 0, padlen; mp_int enc, dec, n, e; mp_err ret; int where = __LINE__; @@ -222,9 +222,9 @@ static int ltm_rsa_public_decrypt(int flen, const unsigned char* from, unsigned char* to, RSA* rsa, int padding) { - unsigned char *p; + unsigned char *p = NULL; mp_err ret; - size_t size; + size_t size = 0; mp_int s, us, n, e; int where = __LINE__; @@ -273,7 +273,7 @@ static int ltm_rsa_private_encrypt(int flen, const unsigned char* from, unsigned char* to, RSA* rsa, int padding) { - unsigned char *ptr, *ptr0 = NULL; + unsigned char *ptr = NULL, *ptr0 = NULL; mp_err ret; mp_int in, out, n, e; mp_int bi, b; diff --git a/third_party/heimdal/lib/hx509/ca.c b/third_party/heimdal/lib/hx509/ca.c index 1ca8d51da39..ee5d56af29c 100644 --- a/third_party/heimdal/lib/hx509/ca.c +++ b/third_party/heimdal/lib/hx509/ca.c @@ -442,7 +442,7 @@ hx509_ca_tbs_set_from_csr(hx509_context context, hx509_request req) { hx509_san_type san_type; - heim_oid oid = { 0, 0 }; + heim_oid oid = { 0, NULL }; KeyUsage ku; size_t i; char *s = NULL; @@ -2673,7 +2673,7 @@ set_template(hx509_context context, size_t i; for (i = 0; ret == 0 && ekus[i]; i++) { - heim_oid oid = { 0, 0 }; + heim_oid oid = { 0, NULL }; if ((ret = der_find_or_parse_heim_oid(ekus[i], ".", &oid)) == 0) ret = hx509_ca_tbs_add_eku(context, tbs, &oid); diff --git a/third_party/heimdal/lib/hx509/cms.c b/third_party/heimdal/lib/hx509/cms.c index c770b813262..6bf972ce492 100644 --- a/third_party/heimdal/lib/hx509/cms.c +++ b/third_party/heimdal/lib/hx509/cms.c @@ -242,7 +242,10 @@ unparse_CMSIdentifier(hx509_context context, if (len < 0) return ENOMEM; - ret = asprintf(str, "certificate with id %s", keyid); + if (len) + ret = asprintf(str, "certificate with id %s", keyid); + else + ret = asprintf(str, "certificate"); free(keyid); break; } @@ -925,7 +928,7 @@ hx509_cms_verify_signed_ext(hx509_context context, } for (found_valid_sig = 0, i = 0; i < sd.signerInfos.len; i++) { - heim_octet_string signed_data = { 0, 0 }; + heim_octet_string signed_data = { 0, NULL }; const heim_oid *match_oid; heim_oid decode_oid; @@ -1187,7 +1190,7 @@ add_one_attribute(Attribute **attr, } /** - * Decode SignedData and verify that the signature is correct. + * Sign and encode a SignedData structure. * * @param context A hx509 context. * @param flags @@ -1517,13 +1520,11 @@ hx509_cms_create_signed(hx509_context context, heim_octet_string *signed_data) { unsigned int i, j; - hx509_name name; int ret; size_t size; struct sigctx sigctx; memset(&sigctx, 0, sizeof(sigctx)); - memset(&name, 0, sizeof(name)); if (eContentType == NULL) eContentType = &asn1_oid_id_pkcs7_data; diff --git a/third_party/heimdal/lib/krb5/crypto-evp.c b/third_party/heimdal/lib/krb5/crypto-evp.c index 0ed749a243c..82237f1513a 100644 --- a/third_party/heimdal/lib/krb5/crypto-evp.c +++ b/third_party/heimdal/lib/krb5/crypto-evp.c @@ -126,7 +126,7 @@ _krb5_evp_hmac_iov(krb5_context context, ENGINE *engine) { HMAC_CTX *ctx; - krb5_data current = {0, 0}; + krb5_data current = {0, NULL}; int i; if (crypto != NULL) { diff --git a/third_party/heimdal/lib/roken/strerror.c b/third_party/heimdal/lib/roken/strerror.c index b5ec6918e69..93afee06506 100644 --- a/third_party/heimdal/lib/roken/strerror.c +++ b/third_party/heimdal/lib/roken/strerror.c @@ -38,7 +38,7 @@ #include extern int sys_nerr; -extern char *sys_errlist[]; +extern const char *const sys_errlist[]; ROKEN_LIB_FUNCTION char* ROKEN_LIB_CALL strerror(int eno) diff --git a/third_party/heimdal/lib/wind/UnicodeData.py b/third_party/heimdal/lib/wind/UnicodeData.py index 8ce3bcade27..74e76edbf06 100644 --- a/third_party/heimdal/lib/wind/UnicodeData.py +++ b/third_party/heimdal/lib/wind/UnicodeData.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-bidi.py b/third_party/heimdal/lib/wind/gen-bidi.py index e2efcbb555a..f01ed6b16af 100644 --- a/third_party/heimdal/lib/wind/gen-bidi.py +++ b/third_party/heimdal/lib/wind/gen-bidi.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-combining.py b/third_party/heimdal/lib/wind/gen-combining.py index 43e0d52eb3c..00481b22c7b 100644 --- a/third_party/heimdal/lib/wind/gen-combining.py +++ b/third_party/heimdal/lib/wind/gen-combining.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-errorlist.py b/third_party/heimdal/lib/wind/gen-errorlist.py index 97646cf5aed..a2f1bb12b00 100644 --- a/third_party/heimdal/lib/wind/gen-errorlist.py +++ b/third_party/heimdal/lib/wind/gen-errorlist.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-map.py b/third_party/heimdal/lib/wind/gen-map.py index dc10d6fae7f..2757b5a89aa 100644 --- a/third_party/heimdal/lib/wind/gen-map.py +++ b/third_party/heimdal/lib/wind/gen-map.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-normalize.py b/third_party/heimdal/lib/wind/gen-normalize.py index daf3c3dc42f..86ec5fd17d3 100644 --- a/third_party/heimdal/lib/wind/gen-normalize.py +++ b/third_party/heimdal/lib/wind/gen-normalize.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/gen-punycode-examples.py b/third_party/heimdal/lib/wind/gen-punycode-examples.py index f2eddbb3738..0896f99d77d 100644 --- a/third_party/heimdal/lib/wind/gen-punycode-examples.py +++ b/third_party/heimdal/lib/wind/gen-punycode-examples.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/generate.py b/third_party/heimdal/lib/wind/generate.py index 0a32fcd4d4d..510dfd9c6c3 100644 --- a/third_party/heimdal/lib/wind/generate.py +++ b/third_party/heimdal/lib/wind/generate.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/rfc3454.py b/third_party/heimdal/lib/wind/rfc3454.py index 33f70a9b75c..0c830537240 100644 --- a/third_party/heimdal/lib/wind/rfc3454.py +++ b/third_party/heimdal/lib/wind/rfc3454.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ @@ -47,13 +47,13 @@ def read(filename): if not l: break if inTable: - m = re.search('^ *----- End Table ([A-Z0-9\.]+) ----- *$', l) + m = re.search(r'^ *----- End Table ([A-Z0-9\.]+) ----- *$', l) if m: ret[m.group(1)] = t inTable = False else: t.append(l) - if re.search('^ *----- Start Table ([A-Z0-9\.]+) ----- *$', l): + if re.search(r'^ *----- Start Table ([A-Z0-9\.]+) ----- *$', l): inTable = True t = [] f.close() diff --git a/third_party/heimdal/lib/wind/rfc4518.py b/third_party/heimdal/lib/wind/rfc4518.py index a222fce16a6..021550ca6c5 100644 --- a/third_party/heimdal/lib/wind/rfc4518.py +++ b/third_party/heimdal/lib/wind/rfc4518.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/stringprep.py b/third_party/heimdal/lib/wind/stringprep.py index cff4d02a7b6..b75b5455e65 100644 --- a/third_party/heimdal/lib/wind/stringprep.py +++ b/third_party/heimdal/lib/wind/stringprep.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$ diff --git a/third_party/heimdal/lib/wind/util.py b/third_party/heimdal/lib/wind/util.py index a05c7398f5c..06a25160dbd 100644 --- a/third_party/heimdal/lib/wind/util.py +++ b/third_party/heimdal/lib/wind/util.py @@ -1,5 +1,5 @@ #!/usr/local/bin/python -# -*- coding: iso-8859-1 -*- +# -*- coding: utf-8 -*- # $Id$