Ken Raeburn [Mon, 28 Jun 2004 19:02:51 +0000 (19:02 +0000)]
Missed some log data with last checkin:
* cc_memory.c (struct _krb5_mcc_data): Delete 'next' pointer. Add a mutex.
(krb5_mcc_*): Lock and unlock the mutex as appropriate.
(struct krb5_mcc_list_node): New type, separates the linked-list
container from the data for individual nodes.
(mcc_head): Now points to krb5_mcc_list_node.
Ken Raeburn [Fri, 25 Jun 2004 19:42:10 +0000 (19:42 +0000)]
* k5-platform.h (JOIN4, JOIN4_2, JOIN3, JOIN3_2): Unused macros deleted.
(JOIN__2, JOIN__2_2): Renamed from JOIN2 and JOIN2_2. Insert two underscores
between the tokens supplied. All uses changed to use new macros, and not use
identifiers with leading underscores.
Ken Raeburn [Thu, 24 Jun 2004 22:43:58 +0000 (22:43 +0000)]
* cc_file.c (krb5_fcc_read_data): Combine stdio and posix versions of code with
gratuitous minor differences.
(krb5_fcc_read_int32, krb5_fcc_next_cred): Likewise.
(krb5_fcc_read_addr): Likewise. Check that filled-in length field matches the
value we tried to store (i.e., that type conversion didn't throw away
information).
(krb5_fcc_read_authdatum): Likewise.
Ken Raeburn [Thu, 24 Jun 2004 22:30:16 +0000 (22:30 +0000)]
* threads.c: Reorganize code: One definition of each function, with
per-platform conditional tests inside, instead of per-platform definitions for
each function. Combine common aspects of each function across platforms.
Tom Yu [Thu, 24 Jun 2004 20:10:05 +0000 (20:10 +0000)]
use host-based service name for kadmin client
* kadmin.c (kadmin_startup): Use host-based service name from
kadm5_get_admin_service_name() for SEAM compatibility when old
AUTH_GSSAPI not requested.
Ken Raeburn [Tue, 22 Jun 2004 18:14:15 +0000 (18:14 +0000)]
Delete preprocessor tests for macintosh, __MWERKS__, applec, and THINK_C, all
part of the pre-Mac OS X support. (Except the bits in the Yarrow code, where
it was part of the upstream source.)
Jeffrey Altman [Tue, 22 Jun 2004 06:39:43 +0000 (06:39 +0000)]
cc_mslsa.c: Comment out calls to FormatMessage and do not terminate
the program on a failure to generate a message. The existing code fails
on non-English systems. We do not need this code in a library unless we
are logging to the Event Log which is currently not done. Ignore this
for the time being until such time as we decide Event Log entries are
important to us.
Ken Raeburn [Mon, 21 Jun 2004 20:58:34 +0000 (20:58 +0000)]
* threads.c (key_lock): Change to a k5_mutex_t.
(k5_key_register): Use k5_ lock routines.
(pthread_getspecific, pthread_setspecific, pthread_key_create,
pthread_key_delete) [HAVE_PRAGMA_WEAK_REF]: Declare weak.
(tsd_if_single) [HAVE_PRAGMA_WEAK_REF]: New variable.
(krb5int_thread_support_init): Do pthread key creation only if pthread code is
loaded.
(krb5int_thread_support_fini): Do pthread key deletion only if pthread code is
loaded.
(k5_key_register, k5_getspecific, k5_setspecific): Use tsd_if_single when
pthread code is not loaded.
Jeffrey Altman [Sat, 19 Jun 2004 04:40:58 +0000 (04:40 +0000)]
* cc_mslsa.c: Enforce acceptable enctypes by checking against
the default_tgs_enctypes list instead of the permitted_enctypes
list; only enforce the desired enctype when retrieving tickets
to deliver to an application. Do not enforce when attempting
to determine the current principal name. This is important
because specifying an enctype results in a TGS_REQ being sent
to the KDC; close memory leak of krb5_cred objects in
krb5_lcc_retrieve().
Tom Yu [Sat, 19 Jun 2004 02:11:58 +0000 (02:11 +0000)]
fix some 64-bit bugs in RPCSEC_GSS
* auth_gss.h: Add prototype for xdr_rpc_gss_buf.
* authgss_prot.c (xdr_rpc_gss_buf): New function.
(xdr_rpc_gss_cred, xdr_rpc_gss_init_args, xdr_rpc_gss_init_res):
(xdr_rpc_gss_wrap_data, xdr_rpc_gss_unwrap_data): Use
xdr_rpc_gss_buf, to avoid passing a (size_t *) to xdr_bytes(),
which expects (u_int *).
(xdr_rpc_gss_wrap_data): Use tmplen to avoid passing (size_t *) to
xdr_u_int.
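The 64-bit problem this entry describes, as an added C example that is not part of the commit or the krb5 source: a decoder that stores a length through a pointer to unsigned int overwrites only part of a size_t length field (the type gss_buffer_desc uses for its length). The names decode_len, struct buf, decode_mismatched and decode_via_temp are hypothetical, and memcpy models the decoder's 4-byte store so the demonstration itself stays well defined.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a decoder such as xdr_bytes(): it stores the
 * decoded length through a pointer to unsigned int, so it writes exactly
 * sizeof(unsigned int) bytes at that address. */
static void decode_len(void *lenp, unsigned int wire_len)
{
    memcpy(lenp, &wire_len, sizeof wire_len);
}

/* Hypothetical buffer descriptor whose length field is a size_t. */
struct buf { size_t length; };

/* Mismatched pattern: the address of the size_t goes straight to the decoder. */
static size_t decode_mismatched(size_t stale, unsigned int wire_len)
{
    struct buf b = { stale };          /* bytes left over from earlier use */
    decode_len(&b.length, wire_len);   /* only part of b.length is overwritten */
    return b.length;
}

/* Corrected pattern: decode into a real unsigned int, then widen by assignment. */
static size_t decode_via_temp(size_t stale, unsigned int wire_len)
{
    struct buf b = { stale };
    unsigned int tmplen = 0;
    decode_len(&tmplen, wire_len);
    b.length = tmplen;                 /* the whole size_t is replaced */
    return b.length;
}

int main(void)
{
    size_t stale = (size_t)-1;         /* constructed sample: all bits set */
    size_t bad = decode_mismatched(stale, 16);
    size_t good = decode_via_temp(stale, 16);
    /* Where size_t is wider than unsigned int, bad keeps stale bits. */
    int ok = good == 16 &&
             (sizeof(size_t) == sizeof(unsigned int) || bad != 16);
    return ok ? 0 : 1;
}
```

With a zero-filled length on a little-endian 64-bit machine the mismatched version happens to return the right value, which is how this class of bug stays hidden until the memory holds stale data or the code runs on a big-endian platform.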
Ken Raeburn [Sat, 19 Jun 2004 00:21:48 +0000 (00:21 +0000)]
* aclocal.m4 (WITH_CC): Use -Wl,-search_paths_first for linking on Darwin.
(KRB5_AC_ENABLE_THREADS): On AIX, add PTHREAD_LIBS to LIBS; don't do it on
other platforms. Override CC with PTHREAD_CC only if CC is not gcc. Don't add
PTHREAD_CFLAGS to CFLAGS; substitute PTHREAD_CFLAGS separately.
Ken Raeburn [Sat, 19 Jun 2004 00:19:03 +0000 (00:19 +0000)]
* shlib.conf (*-*-darwin*, *-*-rhapsody*): Don't set PICFLAGS or LDFLAGS.
Force static libraries only always, instead of just as the default.
(*-*-aix*): The initfini argument should be "-binitfini". Use -bernotok, not
-berok. Do use the INIT_FINI_PREP command in constructing MAKE_SHLIB_COMMAND.
Ken Raeburn [Sat, 19 Jun 2004 00:06:48 +0000 (00:06 +0000)]
* Makefile.in (all-windows): Make autoconf.h in include\krb5 before building
anything else.
(WINMAKEFILES): Add util\support\Makefile.
(util\support\Makefile) [DOS]: New target.
(CE): New variable.
($(CE)test1.h, $(CE)test2.h, $(CE)test1.c, $(CE)test2.c): New targets.
Ken Raeburn [Fri, 18 Jun 2004 23:43:47 +0000 (23:43 +0000)]
* k5-platform.h (MAKE_INIT_FUNCTION, CALL_INIT_FUNCTION, INITIALIZER_RAN): Use
the linker-driven version for Windows. The auxinit function definition needs
an argument list.
(MAKE_FINI_FUNCTION): Likewise.
Ken Raeburn [Fri, 18 Jun 2004 23:36:57 +0000 (23:36 +0000)]
* Makefile.in (SLIBS, SDEF, S_GLUE, COMERR_GLUE, PROF_GLUE, SGLUE): New
variables.
(NO_GLUE): Deleted.
(CGLUE, PGLUE): Use new separate glue files instead of no_glue.
(SRES) [WIN32]: New variable.
($(SRES), $(SLIB)) [WIN32]: New targets.
($(CLIB), $(PLIB), $(KLIB), $(GLIB)) [WIN32]: Depend on and link against
$(SLIB) too.
($(SDEF)): New target. Generate Windows export list from common symbol list.
($(COMERR_GLUE), $(PROF_GLUE), $(S_GLUE)): New targets.
* win_glue.c (control): Reference add/remove_error_table only if building for
krb4 library. Add calls to library init/fini functions for other libraries.
For support library, also call a hook function on DLL_THREAD_DETACH. If no
recognized library-specific macro is defined, don't compile.
(DllMain): Do call control() on DLL_THREAD_DETACH.
Ken Raeburn [Fri, 18 Jun 2004 22:49:55 +0000 (22:49 +0000)]
* Makefile.in (BUILDTOP, LIBNAME, XTRA, OBJFILE): Define for Windows.
(LIBOBJS): Define.
($(BUILDTOP)/include/krb5/autoconf.h): Disable rule on Windows.
* threads.c (tls_idx, key_lock, destructors, destructors_set): New variables
for Windows.
(krb5int_thread_support_init, krb5int_thread_support_fini, k5_key_register,
k5_getspecific, k5_setspecific, k5_key_delete, krb5int_thread_detach_hook):
New functions for Windows. Some are just placeholders.
Ken Raeburn [Fri, 18 Jun 2004 22:47:27 +0000 (22:47 +0000)]
* Makefile.in ($(OUTPRE)test_et.exe): New target.
(check-windows): Build and run test_et.exe.
* error_message.c: Include autoconf.h.
(HAVE_STRERROR) [_WIN32]: Don't define.
(error_message) [_WIN32]: Check for range WSABASEERR+[0,1100) instead of
all values under 12000. Use k5_getspecific and k5_setspecific for local buffer.
* test_et.c (EXPORT_LIST): Define on Windows.
(main): Use add/remove_error_table, not the initialize_ routines.
(main) [EXPORT_LIST]: Don't test error_table_name, it's not in the export list.
Tom Yu [Wed, 16 Jun 2004 03:11:54 +0000 (03:11 +0000)]
This commit merges the RPCSEC_GSS integration branch onto the trunk.
Remaining work includes:
* Default to using kadmin/fqdn for SEAM compatibility
* Namespace cleanups and other API tweaks -- this API is not stable yet
* Fix lib/rpc/unit-test testsuite to test RPCSEC_GSS in addition to
AUTH_GSSAPI
Additional work will be tracked in separate tickets. This merge is
bracketed between the tags "tlyu-umich-rpc-merge-pre" and
"tlyu-umich-rpc-merge-post".
Tom Yu [Wed, 16 Jun 2004 02:37:23 +0000 (02:37 +0000)]
ok, let's try this again..
* accept_sec_context.c (krb5_gss_accept_sec_context): Only null
out the auth_context's rcache if it was provided by acceptor
creds; this prevents a leak.
* delete_sec_context.c (krb5_gss_delete_sec_context): Only null
out the auth_context's rcache if it was provided by acceptor
creds; this prevents a leak.
* gssapiP_krb5.h (krb5_gss_ctx_id_rec): Add cred_rcache to track
whether acceptor creds provided an rcache.
Ken Raeburn [Tue, 15 Jun 2004 19:06:13 +0000 (19:06 +0000)]
Localize the OS-specific bits of retrieving the current time a bit more.
** not yet tested on Windows **
* c_ustime.c: Include k5-thread.h.
(get_time_now): New function, holds system-dependent code.
(krb5int_us_time_mutex): New mutex.
(struct time_now): New type.
(last_time): New variable, replaces old last_tv, last_sec, last_usec.
(krb5_crypto_us_timeofday): Rewrite. Do locking around access to previously
returned value, and ensure that we don't return duplicate values.
* os-proto.h: Include k5-thread.h.
(krb5int_us_time_mutex): Declare.
Tom Yu [Tue, 15 Jun 2004 18:57:17 +0000 (18:57 +0000)]
don't leak rcaches in accept_sec_context
* accept_sec_context.c (krb5_gss_accept_sec_context): Don't null
out rcache of auth_context prior to free if rcache was temporarily
allocated; this prevents leaking rcaches.
ticket: new
version_reported: 1.3.4
component: krb5-libs
Ken Raeburn [Tue, 15 Jun 2004 17:52:23 +0000 (17:52 +0000)]
* rc_io.c (dir, dirlen): Top-level variables deleted.
(getdir): Now returns the pointer, doesn't set top-level variables.
(GETDIR): Set local variables dir and dirlen using the function's return value.
(krb5_rc_io_creat, krb5_rc_io_open_internal): Add the new local variables.
Ken Raeburn [Tue, 15 Jun 2004 17:45:55 +0000 (17:45 +0000)]
* Makefile.in (SHLIB_DIRS, SHLIB_EXPLIBS, SHLIB_EXPDEPLIBS): Set to depend on
the new support library.
(SHLIB_LIBS): Don't define.
* configure.in: Use BUILD_LIBRARY_WITH_DEPS instead of the no-deps version.
Ken Raeburn [Sat, 12 Jun 2004 01:09:43 +0000 (01:09 +0000)]
* Makefile.in (include/generated.stmp): New intermediate target file, to
prevent repeated generation of unchanging header files.
(include/config.h, include/db-config.h): Depend on it.
($(srcdir)/include/autoconf.stmp, $(srcdir)/include/config.h.in): Likewise.
(clean-includes): Delete the new intermediate target files.
* configure.in: Generate include/generated.stmp when config.status is run.
Ken Raeburn [Fri, 11 Jun 2004 01:08:23 +0000 (01:08 +0000)]
* asn1_encode.c (asn1_encode_generaltime): Fix memcpy argument to actually
be a pointer.
(asn1_encode_enumerated): Drop "const" from scalar argument type.
* asn1_encode.h (asn1_encode_integer, asn1_encode_enumerated,
asn1_encode_unsigned_integer, asn1_encode_octetstring,
asn1_encode_charstring, asn1_encode_printablestring,
asn1_encode_ia5string, asn1_encode_generaltime,
asn1_encode_generalstring): Drop "const" from scalar argument types.
Sam Hartman [Wed, 9 Jun 2004 18:30:01 +0000 (18:30 +0000)]
If channel bindings are supplied to server require them to be matched
Based on discussion on kerberos@mit.edu, the decision to allow null
channel bindings from a client to match even when server channel
bindings are supplied is flawed. This decision assumes that we cannot
get server implementations to change even though we are able to deploy
a new Kerberos implementation on the server. In practice the server
implementations in question have actually changed and so the only part
of revision 1.54 of accept_sec_context.c we actually need is the code
to ignore channel bindings if null channel bindings are passed into
the server. Thus the change to allow null channel bindings from the
client to match against any channel bindings on the server is backed
out.
Ken Raeburn [Tue, 8 Jun 2004 19:26:06 +0000 (19:26 +0000)]
* pre.in (AUTOCONF, AUTOHEADER): Always set to autoconf and autoheader
respectively.
(AUTOCONFFLAGS, AUTOHEADERFLAGS): Always set to empty.
* post.in (Makefile): Always run autoconf with --include, don't bother with
--localdir any more. Don't delete autom4te.cache here.
(clean-unix): Delete autom4te.cache.
Ezra Peisach [Mon, 7 Jun 2004 19:25:32 +0000 (19:25 +0000)]
* network.c (paddr): Use unsigned int for length.
(kdc_conn_type): Declare CONN_ enumerated types in connection as
distinct type.
(add_fd): Declare as taking enum type instead of simply
integer. Prevents assignment of integer to an enum.
(process_tcp_connection): Remove variable assigned to but never used.
Ken Raeburn [Fri, 4 Jun 2004 22:35:25 +0000 (22:35 +0000)]
Change all uses of LIB in UNIX makefiles to LIBBASE, for better Windows
compatibility. (Windows nmake exports make variables into the environment, and
LIB is treated by the Windows linker as a search path for libraries, thus
breaking the linking on Windows of anything needing libraries from the search
path in directories where we build libraries on UNIX.)