All of the other libraries on Windows have fixed assignments
of ordinals to the exported functions. Assign the ordinals
that were in use in the last public release, kfw 3.2.2, so
that they will remain constant into the future in case additional
exports are added to the library.
Ken Raeburn [Mon, 21 Jul 2008 18:39:34 +0000 (18:39 +0000)]
When reading from the routing socket, only provide enough space for
the header and ignore the rest of the message. Don't complain about
message size as long as we got the bits of the header we care about.
ccdefault.c:
krb5_cc_default_name() is permitted to return a NULL
pointer as a valid output. Passing a NULL pointer to
strcmp() will result in an exception as NULL is not
a valid input parameter to strcmp().
Save the output of krb5_cc_default_name() to a variable
and modify the conditional to set the new default ccache
name in the case where there is no existing default
ccache name.
Ken Raeburn [Sun, 20 Jul 2008 21:07:41 +0000 (21:07 +0000)]
Don't set LOCAL_SUBDIRS in many places and SUBDIRS in a few and
default SUBDIRS to LOCAL_SUBDIRS via pre.in. Instead, just set
SUBDIRS in each directory, and don't do anything in pre.in.
Ken Raeburn [Fri, 18 Jul 2008 06:45:34 +0000 (06:45 +0000)]
On systems with struct rt_msghdr, open a routing socket and wait for
messages; when they come in, if the types suggest a possibility of
network interface reconfiguration, shut down the KDC's networking and
bring it back up again, rescanning the interfaces in the process.
Leaving the ticket open because it should be improved:
* It should only close down sockets on addresses we no longer have, and
bring up sockets only on new addresses.
* If we have IPV6_PKTINFO support, it should only listen for IPv4
routing changes.
* If we also have IP_PKTINFO support, it shouldn't be used at all.
* If we build a KDC on a system with neither struct rt_msghdr nor
IP_PKTINFO (do we have any such?), we'll need another solution.
Thanks to Nico Williams for the routing socket suggestion, and Apple
for the initial (signal-driven) reconfiguration code.
Ken Raeburn [Tue, 15 Jul 2008 23:57:03 +0000 (23:57 +0000)]
r1926@ken-wireless: raeburn | 2008-07-15 16:49:17 -0400
ticket: 5947
status: open
Add a test script for the walk_rtree code, and run some test cases
that exercise the problem reported in RT ticket 5947.
r1927@ken-wireless: raeburn | 2008-07-15 19:55:10 -0400
Some more test cases.
Tom Yu [Tue, 15 Jul 2008 21:43:35 +0000 (21:43 +0000)]
krb5_get_cred_via_tkt() should null out_cred on errors
Helper function krb5_kdcrep2creds(), called from
krb5_get_cred_via_tkt(), should null its output pointer after freeing
allocated memory, to avoid returning an invalid pointer.
ticket: new
tags: pullup
target_version: 1.6.4
component: krb5-libs
Ken Raeburn [Sat, 12 Jul 2008 00:55:18 +0000 (00:55 +0000)]
Use all local addresses except loopback addresses, even if a non-loopback
address appears on a loopback interface. This might happen if that's how
your VPN code makes your local address visible.
Use a variant of Apple's patch, extended to handle the other variations of
local address determination.
CCacheServer crashes iterating over creds which have been destroyed
ccs_list_release was trying to manually delete the iterators with a
broken for loop which skipped iterators. Since the iterators were referenced
by the client, when the client exited it would tell the iterators to release
themselves. The orphaned iterators would attempt to remove themselves from
their list (which had been released) resulting in a crash.
On Fedora 9, glibc 2.8 is used. The kdc code conditionalizes
IPV6_PKTINFO and HAVE_STRUCT_IN6_PKTINFO in a number of places - but
misses two for the struct one.
/usr/include/netinet/in.h conditionalizes struct in6_pktinfo on
__USE_GNU - which I believe implies a gnu libc extension. People on
the net have defined GNU_SOURCE for various things to compile, etc.
I do note that /usr/include/linux/ipv6.h exists with the same definition.
I believe that ipv6 support in the kdc will not work with these changes - but
the tree compiles.
Added support for stash files with a consistent endianness (big endian)
so that one can migrate a KDC from a machine with one endianness to
a machine with the other endianness. Used by Kerberos for Macintosh.
Ken Raeburn [Fri, 27 Jun 2008 04:18:38 +0000 (04:18 +0000)]
fix ktutil listing with timestamp
ktutil's "list -t" option is supposed to show the timestamp stored in
the keytab file. Instead, it shows some random (uninitialized) value,
interpreted as a timestamp.
Jeffrey Altman [Wed, 18 Jun 2008 19:36:49 +0000 (19:36 +0000)]
This patch is derived from a patch originally submitted to RT
by: Nik Conwell <nik@bu.edu>
krb5_set_real_time() accepts as input the time of the KDC
or an application server as a combination of seconds and
microseconds. Often it is the case that the time source
does not provide the real time with less than one second
granularity. Up until this patch such a caller would fill
in the microseconds parameter as zero. krb5_set_real_time()
would treat the zero microseconds as the actual reported
time and compute a microsecond based offset.
During a one second window subsequent calls to
krb5_set_real_time() would have an ever increasing offset
size until the number of seconds is incremented. This
in turn produces a side effect in which the microseconds
value of the local clock is effectively erased.
If there are multiple processes or threads on the same
machine each requesting service tickets using the same
client principal for the same service principal where
the number of seconds reported by the KDC are equivalent,
then they will now all create authenticators with
exactly the same timestamp. As a result, the authenticating
service will detect a replay attack even though the
authenticators are actually unique. The replay cache
only maintains a tuple of client, server and timestamp.
This patch modifies the interpretation of the microseconds
parameter. If -1 is specified, the microseconds offset is
ignored.
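The timestamp collision described in the krb5_set_real_time() commit message above, as an added example that is not part of the commit log or of libkrb5. It is a simplified C model: the struct and function names (model_set_real_time, model_now, authenticators_collide) and the clock values are constructed for illustration.

```c
#include <stdio.h>

/* Simplified model, not libkrb5 code: every name here is hypothetical. */
struct tv { long sec; long usec; };
struct clock_ctx { long sec_offset; long usec_offset; };

/* Store the offset between the reported real time and the local clock.
 * A negative usec models the "-1 means ignore microseconds" rule. */
static void model_set_real_time(struct clock_ctx *c, struct tv local,
                                long sec, long usec)
{
    c->sec_offset = sec - local.sec;
    c->usec_offset = (usec > -1) ? usec - local.usec : 0;
}

/* Adjusted time = local clock + stored offset, normalised to [0, 1e6). */
static struct tv model_now(const struct clock_ctx *c, struct tv local)
{
    struct tv t = { local.sec + c->sec_offset, local.usec + c->usec_offset };
    while (t.usec < 0) { t.usec += 1000000; t.sec--; }
    while (t.usec >= 1000000) { t.usec -= 1000000; t.sec++; }
    return t;
}

/* Two processes (same client and service principal) receive the same KDC
 * second at different local microseconds (constructed values) and build an
 * authenticator right away. Returns 1 if both authenticators carry the
 * same timestamp, which a replay cache keyed on (client, server,
 * timestamp) would flag as a replay. */
static int authenticators_collide(long kdc_usec)
{
    struct tv local_a = { 1000, 120000 }, local_b = { 1000, 730000 };
    struct clock_ctx a, b;
    model_set_real_time(&a, local_a, 1000, kdc_usec);
    model_set_real_time(&b, local_b, 1000, kdc_usec);
    struct tv ta = model_now(&a, local_a), tb = model_now(&b, local_b);
    return ta.sec == tb.sec && ta.usec == tb.usec;
}

int main(void)
{
    printf("usec=0  -> collide=%d\n", authenticators_collide(0));
    printf("usec=-1 -> collide=%d\n", authenticators_collide(-1));
    return 0;
}
```

Passing 0 subtracts each process's local microseconds back out, so both adjusted clocks read the same value; passing -1 leaves the local microseconds in place and the timestamps stay distinct.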
Ken Raeburn [Wed, 18 Jun 2008 18:14:55 +0000 (18:14 +0000)]
Disable check for invalid client-side admin config parameters in the
config file. Since KDC configuration parameters can now be put in
krb5.conf, this doesn't make sense any more.
Ken Raeburn [Mon, 2 Jun 2008 19:45:16 +0000 (19:45 +0000)]
Change krb5_context.db_context to point to the real structure type,
and change uses to not cast all the time. Also rename it from
db_context to dal_handle, since one of the fields in the pointed-to
structure is also called db_context.
Commit of Apple PKINIT patches under "APPLE_PKINIT" preprocessor symbol.
Long term goal is to merge these patches with the pkinit preauth plugin which
does not currently have support for Mac OS X crypto libraries or the exported
functions used by Back To My Mac.
Warnings in server_stubs.c (signed vs unsigned errmsg, gcc printf)
server_stubs.c uses char * for error messages which it gets from com_err,
throwing away the constness of the com_err output. Made error message args
be const char * to remove warnings and prevent accidental modification of
com_err strings.
In calls to krb5_klog_syslog server_stubs.c passes void* into %s printf
formats and passes size_ts in for the field widths in %.*s formats. After
verifying that the size_ts cannot be bigger than ints (which is ensured by
trunc_name) added casts to remove spurious warnings.