Age | Commit message (Collapse) | Author | Files | Lines |
|
In parse_quoted_string(), only process an escape sequence if there is
a second character after the backlash, to avoid reading past the
terminating zero byte. Reported by Lutz Justen.
(cherry picked from commit a449bfc16c32019fec8b4deea963a3e474b0d14d)
ticket: 8825
version_fixed: 1.16.4
|
|
Commit 8f9ade8ec50cde1176411085294f85ecfb2820a4 (ticket 8391) moved
the built-in getopt() and getopt_long() implementations from a static
library in util/windows to util/support, where (on Windows) it is
built into k5sprt32.dll or k5sprt64.dll. The getopt() interface uses
global variables opterr, optind, optopt, and optarg, each renamed via
macro to have a k5_ prefix when we use the built-in implementation.
Data objects exported from DLLs need special handling in Windows; they
must be marked as DATA in the DLL .def file, and they must be declared
with "__declspec(dllimport)" in calling code. Without this handling,
optind begins with a garbage value and getopt_long() returns -1
immediately, so client programs always behave as if they have no
arguments.
Stop unnecessarily declaring optind and optarg in client programs.
Declare the getopt() global variables with __declspec(dllimport) on
Windows, except when compiling getopt.c itself. When creating
libkrb5support.exports on Windows (this file is later used by
lib/Makefile.in to create k5sprt32.def), add a DATA tag to the data
objects.
(cherry picked from commit 63246cf3513a0e8bdfc734db985af14c8c5170c5)
ticket: 8684
version_fixed: 1.16.2
|
|
Recent versions of Perl issue a warning or error when an unescaped
open curly brace is used in a position where it might introduce a
quantifier in a regular expression. Escape all regexp literal curly
braces in def-check.pl.
(cherry picked from commit 523e4ab050b13404a6929cc56ef873de8023e25c)
ticket: 8677
version_fixed: 1.16.2
|
|
Modify profile_add_node() to return the existing node, rather than
making a new one, when adding subsection configuration.
This fixes an issue where the first instance of a subsection will hide
the second instance entirely. In particular, it was previously
impossible to split realm-specific configuration across multiple
config files.
[ghudson@mit.edu: adjusted style, added test case]
(cherry picked from commit efab9fa5a6d23c486467264e20b58bf5a9c60f0c)
ticket: 7863
version_fixed: 1.16.1
|
|
Local changes:
- Update upstream URL for fedorahosted deprecation.
- Add verto_cleanup() to exports.
Upstream changes:
- Strict c89 compliance.
- Remove local asprintf() implementation.
- Fix memleak when memory allocator is realloc().
- Fix leaks of filenames during load.
- Fix many unused variable warnings.
- Factor out mutability check.
- Properly handle _GNU_SOURCE checking.
ticket: 8612 (new)
|
|
gmt_mktime() is used as a fallback when the platform does not have
timegm(). Make it work for dates in the unsigned 32-bit range, not
the signed 32-bit range.
ticket: 8352
|
|
Where we convert between UTF-8 and UCS-2 (RC4 string-to-key and PAC
client info), use UTF-16 instead of UCS-2. Add a test program for
the conversion functions.
ticket: 8577 (new)
|
|
Replace references to Apple OS X with the updated OS name "macOS"
where applicable.
|
|
|
|
Add pragma statements to verto-k5ev.c to ignore warnings generated by
the libev code in gcc and clang.
|
|
Remove unused entry points as we only need to convert between
little-endian UCS-2 byte buffers and UTF-8. Rename and simplify the
remaining two function contracts. Avoid pointer alignment and
endianness issues by operating on byte buffers and using store_16_le()
and load_16_le(). Avoid two-pass operation using k5buf.
[ghudson@mit.edu: simplified code using k5buf; simplified function
names and contracts; rewrote commit message]
|
|
Better would be to fix the generation or elminate this altogether.
|
|
|
|
|
|
|
|
In krb5int_open_plugin_dirs(), if constructing filepath fails,
filepath is set to null but accessed a few lines later. Add an error
check before calling krb5int_open_plugin().
ticket: 8565 (new)
target_version: 1.15-next
target_version: 1.14-next
tags: pullup
|
|
In verto-k5ev.c, turn off optional watchers in ev.c, and enable the
specific watcher types we use.
|
|
Editors and filesystems may create artifacts related to .conf files
which don't change the file suffix; these artifacts generally begin
with "." so that they don't appear in normal directory listings
(e.g. ".#filename" for emacs interlock files). Make sure to ignore
any such artifacts when processing a profile includedir directive.
ticket: 8563 (new)
target_version: 1.15-next
tags: pullup
|
|
In k5test.py, add the optional keyword argument "expected_msg" to
methods that run commands, to make it easier to look for substrings in
the command output. Add the optional keyword "expected_trace" to run
the command with KRB5_TRACE enabled and look for an ordered series of
substrings in the trace output.
|
|
The gcc assembly version of zap() could still be optimized out under
gcc 5.1 or later, and the krb5int_zap() function could be optimized
out with link-time optimization. Based on work by Zhaomo Yang and
Brian Johannesmeyer, use the C11 memset_s() when available, then fall
back to a memory barrier with gcc or clang, and finally fall back to
using krb5int_zap(). Modify krb5int_zap() to use a volatile pointer
in case link-time optimization is used.
ticket: 8514 (new)
target_version: 1.15-next
target_version: 1.14-next
tags: pullup
|
|
|
|
Add test cases for all of the test vectors in the aes-sha2 draft. In
t_cksums.c and t_decrypt.c, modify the test structure to allow for
binary plaintexts. In t_str2key.c, modify the test structure to allow
for binary salts. In t_derive.c, allow tests to have outputs which
don't match the key size, using krb5int_derive_random() instead of
krb5int_derive_key().
Add test cases for KRB-FX-CF2 and for gss_pseudo_random() using test
vectors generated ourselves.
Add k5test and dejagnu test passes for aes-sha2 enctypes.
ticket: 8490
|
|
Shipping a 10MB+ doc/CHANGES file in the release tarball doesn't make
much sense in a modern context where historical information is readily
available in a distributed version control system.
ticket: 8488 (new)
|
|
threads.c failed to build on Solaris afer commit
17932091cc0d5981c5a78d389ffa4a5c7b532bd6 because k5-thread.h did not
define the conditional k5_once_t structure (because NO_WEAK_PTHREADS
is defined) but threads.c tried to build the conditional k5_once()
function.
Use a single preprocessor symbol, USE_CONDITIONAL_PTHREADS, to
determine whether to use and define pthreads functions which
conditionalize on whether pthreads is loaded. In threads.c, move the
new k5_once() definitions into the USE_CONDITIONAL_PTHREADS block,
defining a stub function if other code will not refer to it.
Also move #pragma weak declarations from k5-threads.h into threads.c,
as we should no longer be conditionally referring to those symbols
outside of threads.c.
Also eliminate some missing-prototype warnings where we define
functions for linker-visibility but don't have corresponding
prototypes in k5-threads.h.
|
|
k5-thread.h has several pthread support calls defined as macros which
conditionally call pthread functions. If a program is linked with
libkrb5support and uses these macros, and the program isn't compiled
with -fPIC, then it can crash if the pthread functions are linked at
runtime (via LD_PRELOAD, for instance) but not at compile time.
Convert the conditional macros to functions, so that libkrb5support is
responsible for determining whether pthreads is loaded and for calling
the pthreads functions if it is.
[ghudson@mit.edu: clarified commit message, adjusted whitespace]
|
|
When a k5test failure occurs, display the last executed command, its
command index, and its output. This will make it easier to understand
"make check" failures when it is not easy to run subsequent commands
or investigate the filesystem of the build host.
|
|
The upgrade to libev 4.22 introduced the use of "memory fences" for
more reliable signal processing. Memory fences are usually
implemented using assembly or compiler primitives, but may be
implemented using pthreads as a last resort. The unmodified libev
errors out at compile time if pthreads is used, but notes that this
error can be removed if relying on pthreads is okay. Because the
project's nightly build infrastructure includes an old Solaris machine
whose toolchain is too old for any of the non-pthreads memory fence
implementations, remove the error to allow the build to succeed. (A
dependency on pthreads functions on Solaris does not require linking
with libpthread.)
|
|
Eliminate memory leaks detected by asan in test programs, to make it
easier to find more serious leaks.
|
|
This update fixes a memory leak when freeing null pointers using
ev_realloc_emul(). In 4.04, that function assumed that realloc(x, 0)
is equivalent to free(x) under glibc, but in at least some versions of
glibc, realloc(NULL, 0) behaves like malloc(0) rather than free(NULL)
and allocates memory.
ticket: 8436 (new)
|
|
Remove the plugin modules wpse, cksum_body, and locate/python, which
aren't used by the test suite or built by default.
Remove util/collected-client-lib, as we no longer have a need to
create a smaller client-only library.
Remove util/gss-kernel-lib, as it turned out not to be useful for
facilitating kernel integrations.
|
|
Change the build system to descend into every directory where we
create a Makefile, but not to build or run anything during "make all"
and "make check" in directories we previously didn't visit. Document
specific build targets that can be used in those directories.
Do not generate a Makefile for the securid_sam2 module unless we are
building it, for consistency with other conditionally built
directories.
|
|
|
|
Add some missing files to .gitignore, EXTRADEPSRCS, and clean rules.
|
|
Double-colon rules allow the flexibility to specify commands in
multiple places, but they also make the order of commands and
dependencies dependent on the order of declarations in the Makefile.
Convert all of our double-colon rules to single-colon rules, with the
exception of "clean-unix" and "clean-windows" which have commands
defined in both post.in and in numerous Makefile.in files.
|
|
The gss-kernel-lib Makefile overrides ALL_CFLAGS. It was setting
the CFLAGS and CPPFLAGS to occur before local includes, which
causes some compilers to include system header files before the
local header files. Moving the CPPFLAGS and CFLAGS to the end of
ALL_CFLAGS corrects this behavior.
|
|
krb5kdc has always only supported binding to the wildcard addresses.
Add two configuration options to allow specifying the address/port
that krb5kdc listens on for UDP and TCP connections.
[ghudson@mit.edu: edited documentation; preserved kdc_ports = ""
behavior; made kdc_ports and kdc_tcp_ports continue to work in
kdcdefaults section]
ticket: 1093
|
|
In write_data_to_file(), do not clear the profile data object's flags.
If the call to this function resulted from profile_flush_to_file(), we
do not want to clear the DIRTY flag, and we especially do not want to
clear the SHARED flag for a data object which is part of
g_shared_trees. Instead, clear the DIRTY flag in
profile_flush_file_data().
Add a test case to prof_test1 to exercise the bug in unfixed code.
Also modify test1 to abandon the altered profile after flushing it to
a file, to preserve the external behavior of the script before this
fix.
ticket: 8431
target_version: 1.14-next
tags: pullup
|
|
In _onexit() in k5test.py, output an absolute path to the testlog
file, and output explicit directions on re-running the script with the
-v flag.
|
|
emacs_reindent() is intended to fail gracefully when emacs is not
installed, but instead subprocess.call() throws an OSError. Check for
this error and return normally.
|
|
For each file we check in cstyle-file.py, try to use emacs to
batch-reindent a copy of the file, and compare the resulting lines to
the input to detect indentation errors.
|
|
gssapi_krb5.h declared some well-known OID constants as pointers to
const gss_OID_desc, which can't be assigned to application-declared
gss_OID variables or passed to GSSAPI functions without causing
warnings.
Declare these OID constants without the const qualifier on
gss_OID_desc, at the expense of some type safety. (Fixing this
"correctly" probably requires some standards revision.)
ticket: 8399 (new)
|
|
Set up a SIGINT handler in k5test.py to avoid printing a stack trace
or debugging instructions on control-C.
|
|
appveyor.com is a hosted continuous integration service for Windows.
Add an appveyor.yml file containing build instructions. The appveyor
virtual machines do not include the MFC libraries, so change
util/wshelper/resource.rc to avoid including <afxres.h> (which it does
not need) and add a build conditional for leash.
Right now we do not build the installers; the appveyor VMs do not
appear to have the version of the WiX toolkit we need, and we would
also have problems with the missing leash executable.
|
|
Relocate the internal getopt() and getopt_long() code to util/support,
and build conditionally. Put declarations in k5-platform.h. Adjust
Windows build directives for src/clients. Remove getopt-related #defines
from kinit.c, allowing kinit to use getopt_long() on all platforms.
[ghudson@mit.edu: fix some Windows build issues]
ticket: 8391
|
|
Since the main config file is krb5.conf, it is intuitive to name
included files with a ".conf" extension; currently such files are
silently ignored. Accept filenames ending in ".conf" as well as files
with no special characters.
[ghudson@mit.edu: shorten commit message and comment; accept the
filename ".conf" itself for simplicity; add a test; adjust
documentation change to note that allowing .conf is new in 1.15]
ticket: 8389 (new)
|
|
The KDC was still listening on port 750 despite the fact that
this functionality was supposed to have been removed in the
past. Remove port 750 from the list of UDP ports that the KDC
listens on. Also remove port 750 from the default ports that
the client connects to, and from example config fragments.
ticket: 8388 (new)
|
|
A new attribute named KRB5_KDC_LOCKDOWN_KEYS can be set on principals.
This flag prevents keys for the principal from being extracted or set
to a known value by the kadmin protocol. Principals with this flag
cannot be deleted or renamed, and cannot have keys set by setkey or
chpass. chrand operations are allowed, but keys are not returned.
This attribute can be set via the modify operation but cannot be
reset; an authorization error is resturned if an attempt to reset it
is performed.
When creating a KDB, set the lockdown flag on the krbtgt and kadmin
principals.
[ghudson@mit.edu: squash with t_kadmin_acl.py commit; condense commit
message]
ticket: 8365 (new)
|
|
Change the prototype of kadm5_get_principal_keys() to report kvno and
salt information along with each key. Add an RPC for extracting keys,
requiring a new permission bit (which is not implied by 'x' or '*' in
kadm5.acl). Add kadm5_free_kadm5_key_data().
In kadmin, deconditionalize "kadmin ktadd -norandkey". Use the new
information from kadm5_get_principal_keys() to correctly set the kvno
for each key when existing keys are extracted, fixing issue #7852.
Add tests to t_keytab.py for the #7852 fix. Add tests to
lib/kadm5/unit-test for the get_principal_keys RPC.
[ghudson@mit.edu: factor out fetch_new_keys() from add_principal();
rewrite commit message to describe new RPC; add #7852 test cases;
squash with lib/kadm5/unit-test commit]
ticket: 8364 (new)
|
|
Some older code in the tree uses form feed characters. kdevelop does
not appear to preserve them, and it is not our current practice to use
them, so get rid of them in almost all files under src. Leave alone
lib/gssapi/krb5/3des.txt, which is a formatted internet draft.
|
|
|