diff options
Diffstat (limited to 'src/clients')
-rw-r--r-- | src/clients/kinit/ChangeLog | 15 | ||||
-rw-r--r-- | src/clients/kinit/Makefile.in | 4 | ||||
-rw-r--r-- | src/clients/kinit/kinit.c | 12 | ||||
-rw-r--r-- | src/clients/ksu/ChangeLog | 7 | ||||
-rw-r--r-- | src/clients/ksu/Makefile.in | 44 | ||||
-rw-r--r-- | src/clients/ksu/heuristic.c | 2 | ||||
-rw-r--r-- | src/clients/ksu/krb_auth_su.c | 4 |
7 files changed, 55 insertions, 33 deletions
diff --git a/src/clients/kinit/ChangeLog b/src/clients/kinit/ChangeLog index 802ab3e..bf365e0 100644 --- a/src/clients/kinit/ChangeLog +++ b/src/clients/kinit/ChangeLog @@ -1,3 +1,18 @@ +2003-08-01 Tom Yu <tlyu@mit.edu> + + * kinit.c (main): Apply patch from Stephen Grau to correctly + return non-zero for certain error conditions. + +2003-05-29 Ken Raeburn <raeburn@mit.edu> + + * kinit.c (KRB4_BACKUP_DEFAULT_LIFE_SECS): Update to one day. + +2003-05-23 Ken Raeburn <raeburn@mit.edu> + + * Makefile.in (kinit): Don't use krb524 library. + * kinit.c: Don't include krb524.h. + (try_convert524): Don't call krb524_init_ets. + 2002-11-05 Tom Yu <tlyu@mit.edu> * kinit.c (k4_kinit): Remove trailing colon, as new implementation diff --git a/src/clients/kinit/Makefile.in b/src/clients/kinit/Makefile.in index d7d5b95..1d2a6e4 100644 --- a/src/clients/kinit/Makefile.in +++ b/src/clients/kinit/Makefile.in @@ -13,8 +13,8 @@ all-unix:: kinit all-windows:: $(OUTPRE)kinit.exe all-mac:: -kinit: kinit.o $(KRB4COMPAT_DEPLIBS) $(KRB524_DEPLIB) - $(CC_LINK) -o $@ kinit.o $(KRB524_LIB) $(KRB4COMPAT_LIBS) +kinit: kinit.o $(KRB4COMPAT_DEPLIBS) + $(CC_LINK) -o $@ kinit.o $(KRB4COMPAT_LIBS) $(OUTPRE)kinit.exe: $(OUTPRE)kinit.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.lib $(KLIB) $(CLIB) link $(EXE_LINKOPTS) -out:$@ $** advapi32.lib diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c index 740b030..422c87d 100644 --- a/src/clients/kinit/kinit.c +++ b/src/clients/kinit/kinit.c @@ -55,10 +55,6 @@ extern int getopt(); #endif /* HAVE_UNISTD_H */ #endif /* GETOPT_LONG */ -#ifdef HAVE_KRB524 -#include "krb524.h" -#endif - #ifndef _WIN32 #define GET_PROGNAME(x) (strrchr((x), '/') ? strrchr((x), '/')+1 : (x)) #else @@ -117,7 +113,7 @@ static int default_k4 = 0; static int authed_k5 = 0; static int authed_k4 = 0; -#define KRB4_BACKUP_DEFAULT_LIFE_SECS 10*60*60 /* 10 hours */ +#define KRB4_BACKUP_DEFAULT_LIFE_SECS 24*60*60 /* 1 day */ typedef enum { INIT_PW, INIT_KT, RENEW, VALIDATE } action_type; @@ -994,9 +990,6 @@ static int try_convert524(k5) initialized. */ - /* or do this directly with krb524_convert_creds_kdc */ - krb524_init_ets(k5->ctx); - if ((code = krb5_build_principal(k5->ctx, &kpcserver, krb5_princ_realm(k5->ctx, k5->me)->length, @@ -1130,7 +1123,8 @@ main(argc, argv) k5_end(&k5); k4_end(&k4); - if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4)) + if ((got_k5 && !authed_k5) || (got_k4 && !authed_k4) || + (!got_k5 && !got_k4)) exit(1); return 0; } diff --git a/src/clients/ksu/ChangeLog b/src/clients/ksu/ChangeLog index 44415a0..17a1dff 100644 --- a/src/clients/ksu/ChangeLog +++ b/src/clients/ksu/ChangeLog @@ -1,3 +1,10 @@ +2003-04-01 Nalin Dahyabhai <nalin@redhat.com> + + * heuristic.c (get_closest_principal): Don't try to examine + principal name components after the last. + * krb_auth_su.c (get_best_principal): Check principal name length + before examining components. + 2002-12-23 Ezra Peisach <epeisach@bu.edu> * authorization.c, heuristic.c, ksu.h: Use uid_t instead of int in diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in index 5669d79..88c052c 100644 --- a/src/clients/ksu/Makefile.in +++ b/src/clients/ksu/Makefile.in @@ -47,39 +47,43 @@ install:: # $(OUTPRE)krb_auth_su.$(OBJEXT): krb_auth_su.c ksu.h \ $(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \ - $(BUILDTOP)/include/krb5/autoconf.h $(BUILDTOP)/include/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/include/krb5/kdb.h $(BUILDTOP)/include/profile.h \ - $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h + $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/k5-platform.h \ + $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(SRCTOP)/include/krb5/kdb.h $(SRCTOP)/include/k5-util.h \ + $(SRCTOP)/include/syslog.h $(OUTPRE)ccache.$(OBJEXT): ccache.c ksu.h $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/k5-platform.h $(BUILDTOP)/include/krb5.h \ + $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - $(BUILDTOP)/include/profile.h $(SRCTOP)/include/k5-util.h \ - $(SRCTOP)/include/syslog.h $(SRCTOP)/include/krb5/adm_proto.h + $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h \ + $(SRCTOP)/include/krb5/adm_proto.h $(OUTPRE)authorization.$(OBJEXT): authorization.c ksu.h \ $(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \ - $(BUILDTOP)/include/krb5/autoconf.h $(BUILDTOP)/include/krb5.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/include/krb5/kdb.h $(BUILDTOP)/include/profile.h \ - $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h + $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/k5-platform.h \ + $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h \ + $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ + $(SRCTOP)/include/krb5/kdb.h $(SRCTOP)/include/k5-util.h \ + $(SRCTOP)/include/syslog.h $(OUTPRE)main.$(OBJEXT): main.c ksu.h $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/k5-platform.h $(BUILDTOP)/include/krb5.h \ + $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - $(BUILDTOP)/include/profile.h $(SRCTOP)/include/k5-util.h \ - $(SRCTOP)/include/syslog.h $(SRCTOP)/include/krb5/adm_proto.h + $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h \ + $(SRCTOP)/include/krb5/adm_proto.h $(OUTPRE)heuristic.$(OBJEXT): heuristic.c ksu.h $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/k5-platform.h $(BUILDTOP)/include/krb5.h \ + $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - $(BUILDTOP)/include/profile.h $(SRCTOP)/include/k5-util.h \ - $(SRCTOP)/include/syslog.h + $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h $(OUTPRE)xmalloc.$(OBJEXT): xmalloc.c ksu.h $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/k5-platform.h $(BUILDTOP)/include/krb5.h \ + $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \ $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - $(BUILDTOP)/include/profile.h $(SRCTOP)/include/k5-util.h \ - $(SRCTOP)/include/syslog.h + $(SRCTOP)/include/k5-util.h $(SRCTOP)/include/syslog.h $(OUTPRE)setenv.$(OBJEXT): setenv.c diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c index c79f943..85b94b5 100644 --- a/src/clients/ksu/heuristic.c +++ b/src/clients/ksu/heuristic.c @@ -364,7 +364,7 @@ krb5_error_code get_closest_principal(context, plist, client, found) krb5_data *p2 = krb5_princ_component(context, temp_client, j); - if ((p1->length != p2->length) || + if (!p1 || !p2 || (p1->length != p2->length) || memcmp(p1->data,p2->data,p1->length)){ got_one = FALSE; break; diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c index 6e76149..8e18342 100644 --- a/src/clients/ksu/krb_auth_su.c +++ b/src/clients/ksu/krb_auth_su.c @@ -547,7 +547,9 @@ krb5_error_code get_best_principal(context, plist, client) krb5_princ_realm(context, temp_client)->length))){ - if(nelem){ + if (nelem && + krb5_princ_size(context, *client) > 0 && + krb5_princ_size(context, temp_client) > 0) { krb5_data *p1 = krb5_princ_component(context, *client, 0); krb5_data *p2 = |