oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues.

Browse Source 
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
This commit is contained in:
Roland C. Dowdeswell
2012-02-20 19:45:41 +00:00
parent 8ce8cb509a
commit cc47c8fa7b
147 changed files with 1083 additions and 665 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/krb5/addr_families.c
View File

@@ -799,6 +799,7 @@ static struct addr_operations at[] = {
NULL,
NULL,
NULL,
NULL,
NULL
}
};

6
lib/krb5/config_file.c
View File

@@ -444,8 +444,10 @@ krb5_config_parse_file_multi (krb5_context context,
home = pw->pw_dir;
}
if (home) {
asprintf(&newfname, "%s%s", home, &fname[1]);
if (newfname == NULL) {
int aret;
aret = asprintf(&newfname, "%s%s", home, &fname[1]);
if (aret == -1 || newfname == NULL) {
krb5_set_error_message(context, ENOMEM,
N_("malloc: out of memory", ""));
return ENOMEM;

3
lib/krb5/crypto-null.c
View File

@@ -45,6 +45,9 @@ static struct _krb5_key_type keytype_null = {
0,
NULL,
NULL,
NULL,
NULL,
NULL,
NULL
};

2
lib/krb5/derived-key-test.c
View File

@@ -72,7 +72,7 @@ static struct testcase {
{ETYPE_DES3_CBC_SHA1, {0x00, 0x00, 0x00, 0x01, 0xaa}, 5,
{0x26, 0xdc, 0xe3, 0x34, 0xb5, 0x45, 0x29, 0x2f, 0x2f, 0xea, 0xb9, 0xa8, 0x70, 0x1a, 0x89, 0xa4, 0xb9, 0x9e, 0xb9, 0x94, 0x2c, 0xec, 0xd0, 0x16},
{0xf4, 0x8f, 0xfd, 0x6e, 0x83, 0xf8, 0x3e, 0x73, 0x54, 0xe6, 0x94, 0xfd, 0x25, 0x2c, 0xf8, 0x3b, 0xfe, 0x58, 0xf7, 0xd5, 0xba, 0x37, 0xec, 0x5d}},
{0}
{0, {0}, 0, {0}, {0}}
};
int

15
lib/krb5/init_creds_pw.c
View File

@@ -2473,10 +2473,19 @@ krb5_get_init_creds_password(krb5_context context,
krb5_prompt prompt;
krb5_data password_data;
char *p, *q;
int aret = -1;
krb5_unparse_name (context, client, &p);
asprintf (&q, "%s's Password: ", p);
free (p);
ret = krb5_unparse_name (context, client, &p);
if (!ret) {
aret = asprintf (&q, "%s's Password: ", p);
free (p);
}
if (!ret || aret == -1 || !q) {
if (!ret)
ret = ENOMEM;
krb5_clear_error_message (context);
goto out;
}
prompt.prompt = q;
password_data.data = buf;
password_data.length = sizeof(buf);

5
lib/krb5/kcm.c
View File

@@ -963,6 +963,7 @@ kcm_get_default_name(krb5_context context, const krb5_cc_ops *ops,
krb5_storage *request, *response;
krb5_data response_data;
char *name;
int aret;
*str = NULL;
@@ -981,9 +982,9 @@ kcm_get_default_name(krb5_context context, const krb5_cc_ops *ops,
if (ret)
return ret;
asprintf(str, "%s:%s", ops->prefix, name);
aret = asprintf(str, "%s:%s", ops->prefix, name);
free(name);
if (str == NULL)
if (aret == -1 || str == NULL)
return ENOMEM;
return 0;

4
lib/krb5/keytab_any.c
View File

@@ -257,5 +257,7 @@ const krb5_kt_ops krb5_any_ops = {
any_next_entry,
any_end_seq_get,
any_add_entry,
any_remove_entry
any_remove_entry,
NULL,
0
};

12
lib/krb5/keytab_file.c
View File

@@ -776,7 +776,9 @@ const krb5_kt_ops krb5_fkt_ops = {
fkt_next_entry,
fkt_end_seq_get,
fkt_add_entry,
fkt_remove_entry
fkt_remove_entry,
NULL,
0
};
const krb5_kt_ops krb5_wrfkt_ops = {
@@ -790,7 +792,9 @@ const krb5_kt_ops krb5_wrfkt_ops = {
fkt_next_entry,
fkt_end_seq_get,
fkt_add_entry,
fkt_remove_entry
fkt_remove_entry,
NULL,
0
};
const krb5_kt_ops krb5_javakt_ops = {
@@ -804,5 +808,7 @@ const krb5_kt_ops krb5_javakt_ops = {
fkt_next_entry,
fkt_end_seq_get,
fkt_add_entry,
fkt_remove_entry
fkt_remove_entry,
NULL,
0
};

4
lib/krb5/keytab_keyfile.c
View File

@@ -462,7 +462,9 @@ const krb5_kt_ops krb5_akf_ops = {
akf_next_entry,
akf_end_seq_get,
akf_add_entry,
NULL /* remove */
NULL, /* remove */
NULL,
0
};
#endif /* HEIMDAL_SMALLER */

4
lib/krb5/keytab_memory.c
View File

@@ -232,5 +232,7 @@ const krb5_kt_ops krb5_mkt_ops = {
mkt_next_entry,
mkt_end_seq_get,
mkt_add_entry,
mkt_remove_entry
mkt_remove_entry,
NULL,
0
};

2
lib/krb5/n-fold-test.c
View File

@@ -87,7 +87,7 @@ static struct testcase {
0x08, 0xa5, 0x08, 0x41, 0x22, 0x9a, 0xd7, 0x98, 0xfa, 0xb9, 0x54,
0x0c, 0x1b}
},
{NULL, 0}
{NULL, 0, {0}}
};
int

8
lib/krb5/pkinit.c
View File

@@ -183,10 +183,10 @@ find_cert(krb5_context context, struct krb5_pk_identity *id,
hx509_query *q, hx509_cert *cert)
{
struct certfind cf[4] = {
{ "MobileMe EKU" },
{ "PKINIT EKU" },
{ "MS EKU" },
{ "any (or no)" }
{ "MobileMe EKU", NULL },
{ "PKINIT EKU", NULL },
{ "MS EKU", NULL },
{ "any (or no)", NULL }
};
int ret = HX509_CERT_NOT_FOUND;
size_t i, start = 1;

5
lib/krb5/replay.c
View File

@@ -205,6 +205,7 @@ krb5_rc_store(krb5_context context,
time_t t;
FILE *f;
int ret;
size_t count;
ent.stamp = time(NULL);
checksum_authenticator(rep, ent.data);
@@ -217,7 +218,9 @@ krb5_rc_store(krb5_context context,
return ret;
}
rk_cloexec_file(f);
fread(&tmp, sizeof(ent), 1, f);
count = fread(&tmp, sizeof(ent), 1, f);
if(count != 1)
return KRB5_RC_IO_UNKNOWN;
t = ent.stamp - tmp.stamp;
while(fread(&tmp, sizeof(ent), 1, f)){
if(tmp.stamp < t)

2
lib/krb5/salt-aes.c
View File

@@ -99,5 +99,5 @@ struct salt_type _krb5_AES_salt[] = {
"pw-salt",
AES_string_to_key
},
{ 0 }
{ 0, NULL, NULL }
};

2
lib/krb5/salt-arcfour.c
View File

@@ -108,5 +108,5 @@ struct salt_type _krb5_arcfour_salt[] = {
"pw-salt",
ARCFOUR_string_to_key
},
{ 0 }
{ 0, NULL, NULL }
};

2
lib/krb5/salt-des.c
View File

@@ -219,6 +219,6 @@ struct salt_type _krb5_des_salt[] = {
DES_AFS3_string_to_key
},
#endif
{ 0 }
{ 0, NULL, NULL }
};
#endif

4
lib/krb5/salt-des3.c
View File

@@ -136,7 +136,7 @@ struct salt_type _krb5_des3_salt[] = {
"pw-salt",
DES3_string_to_key
},
{ 0 }
{ 0, NULL, NULL }
};
#endif
@@ -146,5 +146,5 @@ struct salt_type _krb5_des3_salt_derived[] = {
"pw-salt",
DES3_string_to_key_derived
},
{ 0 }
{ 0, NULL, NULL }
};

5
lib/krb5/scache.c
View File

@@ -1445,7 +1445,10 @@ KRB5_LIB_VARIABLE const krb5_cc_ops krb5_scc_ops = {
scc_end_cache_get,
scc_move,
scc_get_default_name,
scc_set_default
scc_set_default,
NULL,
NULL,
NULL
};
#endif

2
lib/krb5/string-to-key-test.c
View File

@@ -86,7 +86,7 @@ static struct testcase {
{0x6d, 0x2f, 0xcd, 0xf2, 0xd6, 0xfb, 0xbc, 0x3d, 0xdc, 0xad, 0xb5, 0xda, 0x57, 0x10, 0xa2, 0x34, 0x89, 0xb0, 0xd3, 0xb6, 0x9d, 0x5d, 0x9d, 0x4a}},
{"Juri\xc5\xa1i\xc4\x87@ATHENA.MIT.EDU", "\xc3\x9f", ETYPE_DES3_CBC_SHA1,
{0x16, 0xd5, 0xa4, 0x0e, 0x1c, 0xe3, 0xba, 0xcb, 0x61, 0xb9, 0xdc, 0xe0, 0x04, 0x70, 0x32, 0x4c, 0x83, 0x19, 0x73, 0xa7, 0xb9, 0x52, 0xfe, 0xb0}},
{NULL}
{NULL, NULL, 0, {0}}
};
int

44
lib/krb5/test_cc.c
View File

@@ -293,31 +293,31 @@ struct {
} cc_names[] = {
{ "foo", 0, "foo" },
{ "foo%}", 0, "foo%}" },
{ "%{uid}", 0 },
{ "%{uid}", 0, NULL },
{ "foo%{null}", 0, "foo" },
{ "foo%{null}bar", 0, "foobar" },
{ "%{", 1 },
{ "%{foo %{", 1 },
{ "%{{", 1 },
{ "%{{}", 1 },
{ "%{nulll}", 1 },
{ "%{does not exist}", 1 },
{ "%{}", 1 },
{ "%{", 1, NULL },
{ "%{foo %{", 1, NULL },
{ "%{{", 1, NULL },
{ "%{{}", 1, NULL },
{ "%{nulll}", 1, NULL },
{ "%{does not exist}", 1, NULL },
{ "%{}", 1, NULL },
#ifdef KRB5_USE_PATH_TOKENS
{ "%{APPDATA}", 0 },
{ "%{COMMON_APPDATA}", 0},
{ "%{LOCAL_APPDATA}", 0},
{ "%{SYSTEM}", 0},
{ "%{WINDOWS}", 0},
{ "%{TEMP}", 0},
{ "%{USERID}", 0},
{ "%{uid}", 0},
{ "%{USERCONFIG}", 0},
{ "%{COMMONCONFIG}", 0},
{ "%{LIBDIR}", 0},
{ "%{BINDIR}", 0},
{ "%{LIBEXEC}", 0},
{ "%{SBINDIR}", 0},
{ "%{APPDATA}", 0, NULL },
{ "%{COMMON_APPDATA}", 0, NULL},
{ "%{LOCAL_APPDATA}", 0, NULL},
{ "%{SYSTEM}", 0, NULL},
{ "%{WINDOWS}", 0, NULL},
{ "%{TEMP}", 0, NULL},
{ "%{USERID}", 0, NULL},
{ "%{uid}", 0, NULL},
{ "%{USERCONFIG}", 0, NULL},
{ "%{COMMONCONFIG}", 0, NULL},
{ "%{LIBDIR}", 0, NULL},
{ "%{BINDIR}", 0, NULL},
{ "%{LIBEXEC}", 0, NULL},
{ "%{SBINDIR}", 0, NULL},
#endif
};

338
lib/krb5/verify_krb5_conf.c
View File

@@ -353,227 +353,227 @@ struct entry {
};
struct entry all_strings[] = {
{ "", krb5_config_string, NULL },
{ NULL }
{ "", krb5_config_string, NULL, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry all_boolean[] = {
{ "", krb5_config_string, check_boolean },
{ NULL }
{ "", krb5_config_string, check_boolean, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry v4_name_convert_entries[] = {
{ "host", krb5_config_list, all_strings },
{ "plain", krb5_config_list, all_strings },
{ NULL }
{ "host", krb5_config_list, all_strings, 0 },
{ "plain", krb5_config_list, all_strings, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry libdefaults_entries[] = {
{ "accept_null_addresses", krb5_config_string, check_boolean },
{ "allow_weak_crypto", krb5_config_string, check_boolean },
{ "accept_null_addresses", krb5_config_string, check_boolean, 0 },
{ "allow_weak_crypto", krb5_config_string, check_boolean, 0 },
{ "capath", krb5_config_list, all_strings, 1 },
{ "check_pac", krb5_config_string, check_boolean },
{ "clockskew", krb5_config_string, check_time },
{ "date_format", krb5_config_string, NULL },
{ "default_cc_name", krb5_config_string, NULL },
{ "default_etypes", krb5_config_string, NULL },
{ "default_etypes_des", krb5_config_string, NULL },
{ "default_keytab_modify_name", krb5_config_string, NULL },
{ "default_keytab_name", krb5_config_string, NULL },
{ "default_realm", krb5_config_string, NULL },
{ "dns_canonize_hostname", krb5_config_string, check_boolean },
{ "dns_proxy", krb5_config_string, NULL },
{ "dns_lookup_kdc", krb5_config_string, check_boolean },
{ "dns_lookup_realm", krb5_config_string, check_boolean },
{ "dns_lookup_realm_labels", krb5_config_string, NULL },
{ "egd_socket", krb5_config_string, NULL },
{ "encrypt", krb5_config_string, check_boolean },
{ "extra_addresses", krb5_config_string, NULL },
{ "fcache_version", krb5_config_string, check_numeric },
{ "fcc-mit-ticketflags", krb5_config_string, check_boolean },
{ "forward", krb5_config_string, check_boolean },
{ "forwardable", krb5_config_string, check_boolean },
{ "http_proxy", krb5_config_string, check_host /* XXX */ },
{ "ignore_addresses", krb5_config_string, NULL },
{ "kdc_timeout", krb5_config_string, check_time },
{ "kdc_timesync", krb5_config_string, check_boolean },
{ "log_utc", krb5_config_string, check_boolean },
{ "maxretries", krb5_config_string, check_numeric },
{ "scan_interfaces", krb5_config_string, check_boolean },
{ "srv_lookup", krb5_config_string, check_boolean },
{ "srv_try_txt", krb5_config_string, check_boolean },
{ "ticket_lifetime", krb5_config_string, check_time },
{ "time_format", krb5_config_string, NULL },
{ "transited_realms_reject", krb5_config_string, NULL },
{ "no-addresses", krb5_config_string, check_boolean },
{ "v4_instance_resolve", krb5_config_string, check_boolean },
{ "v4_name_convert", krb5_config_list, v4_name_convert_entries },
{ "verify_ap_req_nofail", krb5_config_string, check_boolean },
{ "max_retries", krb5_config_string, check_time },
{ "renew_lifetime", krb5_config_string, check_time },
{ "proxiable", krb5_config_string, check_boolean },
{ "warn_pwexpire", krb5_config_string, check_time },
{ "check_pac", krb5_config_string, check_boolean, 0 },
{ "clockskew", krb5_config_string, check_time, 0 },
{ "date_format", krb5_config_string, NULL, 0 },
{ "default_cc_name", krb5_config_string, NULL, 0 },
{ "default_etypes", krb5_config_string, NULL, 0 },
{ "default_etypes_des", krb5_config_string, NULL, 0 },
{ "default_keytab_modify_name", krb5_config_string, NULL, 0 },
{ "default_keytab_name", krb5_config_string, NULL, 0 },
{ "default_realm", krb5_config_string, NULL, 0 },
{ "dns_canonize_hostname", krb5_config_string, check_boolean, 0 },
{ "dns_proxy", krb5_config_string, NULL, 0 },
{ "dns_lookup_kdc", krb5_config_string, check_boolean, 0 },
{ "dns_lookup_realm", krb5_config_string, check_boolean, 0 },
{ "dns_lookup_realm_labels", krb5_config_string, NULL, 0 },
{ "egd_socket", krb5_config_string, NULL, 0 },
{ "encrypt", krb5_config_string, check_boolean, 0 },
{ "extra_addresses", krb5_config_string, NULL, 0 },
{ "fcache_version", krb5_config_string, check_numeric, 0 },
{ "fcc-mit-ticketflags", krb5_config_string, check_boolean, 0 },
{ "forward", krb5_config_string, check_boolean, 0 },
{ "forwardable", krb5_config_string, check_boolean, 0 },
{ "http_proxy", krb5_config_string, check_host /* XXX */, 0 },
{ "ignore_addresses", krb5_config_string, NULL, 0 },
{ "kdc_timeout", krb5_config_string, check_time, 0 },
{ "kdc_timesync", krb5_config_string, check_boolean, 0 },
{ "log_utc", krb5_config_string, check_boolean, 0 },
{ "maxretries", krb5_config_string, check_numeric, 0 },
{ "scan_interfaces", krb5_config_string, check_boolean, 0 },
{ "srv_lookup", krb5_config_string, check_boolean, 0 },
{ "srv_try_txt", krb5_config_string, check_boolean, 0 },
{ "ticket_lifetime", krb5_config_string, check_time, 0 },
{ "time_format", krb5_config_string, NULL, 0 },
{ "transited_realms_reject", krb5_config_string, NULL, 0 },
{ "no-addresses", krb5_config_string, check_boolean, 0 },
{ "v4_instance_resolve", krb5_config_string, check_boolean, 0 },
{ "v4_name_convert", krb5_config_list, v4_name_convert_entries, 0 },
{ "verify_ap_req_nofail", krb5_config_string, check_boolean, 0 },
{ "max_retries", krb5_config_string, check_time, 0 },
{ "renew_lifetime", krb5_config_string, check_time, 0 },
{ "proxiable", krb5_config_string, check_boolean, 0 },
{ "warn_pwexpire", krb5_config_string, check_time, 0 },
/* MIT stuff */
{ "permitted_enctypes", krb5_config_string, mit_entry },
{ "default_tgs_enctypes", krb5_config_string, mit_entry },
{ "default_tkt_enctypes", krb5_config_string, mit_entry },
{ NULL }
{ "permitted_enctypes", krb5_config_string, mit_entry, 0 },
{ "default_tgs_enctypes", krb5_config_string, mit_entry, 0 },
{ "default_tkt_enctypes", krb5_config_string, mit_entry, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry appdefaults_entries[] = {
{ "afslog", krb5_config_string, check_boolean },
{ "afs-use-524", krb5_config_string, check_524 },
{ "encrypt", krb5_config_string, check_boolean },
{ "forward", krb5_config_string, check_boolean },
{ "forwardable", krb5_config_string, check_boolean },
{ "proxiable", krb5_config_string, check_boolean },
{ "ticket_lifetime", krb5_config_string, check_time },
{ "renew_lifetime", krb5_config_string, check_time },
{ "no-addresses", krb5_config_string, check_boolean },
{ "krb4_get_tickets", krb5_config_string, check_boolean },
{ "pkinit_anchors", krb5_config_string, NULL },
{ "pkinit_win2k", krb5_config_string, NULL },
{ "pkinit_win2k_require_binding", krb5_config_string, NULL },
{ "pkinit_require_eku", krb5_config_string, NULL },
{ "pkinit_require_krbtgt_otherName", krb5_config_string, NULL },
{ "pkinit_require_hostname_match", krb5_config_string, NULL },
{ "afslog", krb5_config_string, check_boolean, 0 },
{ "afs-use-524", krb5_config_string, check_524, 0 },
{ "encrypt", krb5_config_string, check_boolean, 0 },
{ "forward", krb5_config_string, check_boolean, 0 },
{ "forwardable", krb5_config_string, check_boolean, 0 },
{ "proxiable", krb5_config_string, check_boolean, 0 },
{ "ticket_lifetime", krb5_config_string, check_time, 0 },
{ "renew_lifetime", krb5_config_string, check_time, 0 },
{ "no-addresses", krb5_config_string, check_boolean, 0 },
{ "krb4_get_tickets", krb5_config_string, check_boolean, 0 },
{ "pkinit_anchors", krb5_config_string, NULL, 0 },
{ "pkinit_win2k", krb5_config_string, NULL, 0 },
{ "pkinit_win2k_require_binding", krb5_config_string, NULL, 0 },
{ "pkinit_require_eku", krb5_config_string, NULL, 0 },
{ "pkinit_require_krbtgt_otherName", krb5_config_string, NULL, 0 },
{ "pkinit_require_hostname_match", krb5_config_string, NULL, 0 },
#if 0
{ "anonymous", krb5_config_string, check_boolean },
{ "anonymous", krb5_config_string, check_boolean, 0 },
#endif
{ "", krb5_config_list, appdefaults_entries },
{ NULL }
{ "", krb5_config_list, appdefaults_entries, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry realms_entries[] = {
{ "forwardable", krb5_config_string, check_boolean },
{ "proxiable", krb5_config_string, check_boolean },
{ "ticket_lifetime", krb5_config_string, check_time },
{ "renew_lifetime", krb5_config_string, check_time },
{ "warn_pwexpire", krb5_config_string, check_time },
{ "kdc", krb5_config_string, check_host },
{ "admin_server", krb5_config_string, check_host },
{ "kpasswd_server", krb5_config_string, check_host },
{ "krb524_server", krb5_config_string, check_host },
{ "v4_name_convert", krb5_config_list, v4_name_convert_entries },
{ "v4_instance_convert", krb5_config_list, all_strings },
{ "v4_domains", krb5_config_string, NULL },
{ "default_domain", krb5_config_string, NULL },
{ "win2k_pkinit", krb5_config_string, NULL },
{ "forwardable", krb5_config_string, check_boolean, 0 },
{ "proxiable", krb5_config_string, check_boolean, 0 },
{ "ticket_lifetime", krb5_config_string, check_time, 0 },
{ "renew_lifetime", krb5_config_string, check_time, 0 },
{ "warn_pwexpire", krb5_config_string, check_time, 0 },
{ "kdc", krb5_config_string, check_host, 0 },
{ "admin_server", krb5_config_string, check_host, 0 },
{ "kpasswd_server", krb5_config_string, check_host, 0 },
{ "krb524_server", krb5_config_string, check_host, 0 },
{ "v4_name_convert", krb5_config_list, v4_name_convert_entries, 0 },
{ "v4_instance_convert", krb5_config_list, all_strings, 0 },
{ "v4_domains", krb5_config_string, NULL, 0 },
{ "default_domain", krb5_config_string, NULL, 0 },
{ "win2k_pkinit", krb5_config_string, NULL, 0 },
/* MIT stuff */
{ "admin_keytab", krb5_config_string, mit_entry },
{ "acl_file", krb5_config_string, mit_entry },
{ "dict_file", krb5_config_string, mit_entry },
{ "kadmind_port", krb5_config_string, mit_entry },
{ "kpasswd_port", krb5_config_string, mit_entry },
{ "master_key_name", krb5_config_string, mit_entry },
{ "master_key_type", krb5_config_string, mit_entry },
{ "key_stash_file", krb5_config_string, mit_entry },
{ "max_life", krb5_config_string, mit_entry },
{ "max_renewable_life", krb5_config_string, mit_entry },
{ "default_principal_expiration", krb5_config_string, mit_entry },
{ "default_principal_flags", krb5_config_string, mit_entry },
{ "supported_enctypes", krb5_config_string, mit_entry },
{ "database_name", krb5_config_string, mit_entry },
{ NULL }
{ "admin_keytab", krb5_config_string, mit_entry, 0 },
{ "acl_file", krb5_config_string, mit_entry, 0 },
{ "dict_file", krb5_config_string, mit_entry, 0 },
{ "kadmind_port", krb5_config_string, mit_entry, 0 },
{ "kpasswd_port", krb5_config_string, mit_entry, 0 },
{ "master_key_name", krb5_config_string, mit_entry, 0 },
{ "master_key_type", krb5_config_string, mit_entry, 0 },
{ "key_stash_file", krb5_config_string, mit_entry, 0 },
{ "max_life", krb5_config_string, mit_entry, 0 },
{ "max_renewable_life", krb5_config_string, mit_entry, 0 },
{ "default_principal_expiration", krb5_config_string, mit_entry, 0 },
{ "default_principal_flags", krb5_config_string, mit_entry, 0 },
{ "supported_enctypes", krb5_config_string, mit_entry, 0 },
{ "database_name", krb5_config_string, mit_entry, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry realms_foobar[] = {
{ "", krb5_config_list, realms_entries },
{ NULL }
{ "", krb5_config_list, realms_entries, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry kdc_database_entries[] = {
{ "realm", krb5_config_string, NULL },
{ "dbname", krb5_config_string, NULL },
{ "mkey_file", krb5_config_string, NULL },
{ "acl_file", krb5_config_string, NULL },
{ "log_file", krb5_config_string, NULL },
{ NULL }
{ "realm", krb5_config_string, NULL, 0 },
{ "dbname", krb5_config_string, NULL, 0 },
{ "mkey_file", krb5_config_string, NULL, 0 },
{ "acl_file", krb5_config_string, NULL, 0 },
{ "log_file", krb5_config_string, NULL, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry kdc_entries[] = {
{ "database", krb5_config_list, kdc_database_entries },
{ "key-file", krb5_config_string, NULL },
{ "logging", krb5_config_string, check_log },
{ "max-request", krb5_config_string, check_bytes },
{ "require-preauth", krb5_config_string, check_boolean },
{ "ports", krb5_config_string, NULL },
{ "addresses", krb5_config_string, NULL },
{ "enable-kerberos4", krb5_config_string, check_boolean },
{ "enable-524", krb5_config_string, check_boolean },
{ "enable-http", krb5_config_string, check_boolean },
{ "check-ticket-addresses", krb5_config_string, check_boolean },
{ "allow-null-ticket-addresses", krb5_config_string, check_boolean },
{ "allow-anonymous", krb5_config_string, check_boolean },
{ "v4_realm", krb5_config_string, NULL },
{ "database", krb5_config_list, kdc_database_entries, 0 },
{ "key-file", krb5_config_string, NULL, 0 },
{ "logging", krb5_config_string, check_log, 0 },
{ "max-request", krb5_config_string, check_bytes, 0 },
{ "require-preauth", krb5_config_string, check_boolean, 0 },
{ "ports", krb5_config_string, NULL, 0 },
{ "addresses", krb5_config_string, NULL, 0 },
{ "enable-kerberos4", krb5_config_string, check_boolean, 0 },
{ "enable-524", krb5_config_string, check_boolean, 0 },
{ "enable-http", krb5_config_string, check_boolean, 0 },
{ "check-ticket-addresses", krb5_config_string, check_boolean, 0 },
{ "allow-null-ticket-addresses", krb5_config_string, check_boolean, 0 },
{ "allow-anonymous", krb5_config_string, check_boolean, 0 },
{ "v4_realm", krb5_config_string, NULL, 0 },
{ "enable-kaserver", krb5_config_string, check_boolean, 1 },
{ "encode_as_rep_as_tgs_rep", krb5_config_string, check_boolean },
{ "kdc_warn_pwexpire", krb5_config_string, check_time },
{ "use_2b", krb5_config_list, NULL },
{ "enable-pkinit", krb5_config_string, check_boolean },
{ "pkinit_identity", krb5_config_string, NULL },
{ "pkinit_anchors", krb5_config_string, NULL },
{ "pkinit_pool", krb5_config_string, NULL },
{ "pkinit_revoke", krb5_config_string, NULL },
{ "pkinit_kdc_ocsp", krb5_config_string, NULL },
{ "pkinit_principal_in_certificate", krb5_config_string, NULL },
{ "pkinit_dh_min_bits", krb5_config_string, NULL },
{ "pkinit_allow_proxy_certificate", krb5_config_string, NULL },
{ "hdb-ldap-create-base", krb5_config_string, NULL },
{ "v4-realm", krb5_config_string, NULL },
{ NULL }
{ "encode_as_rep_as_tgs_rep", krb5_config_string, check_boolean, 0 },
{ "kdc_warn_pwexpire", krb5_config_string, check_time, 0 },
{ "use_2b", krb5_config_list, NULL, 0 },
{ "enable-pkinit", krb5_config_string, check_boolean, 0 },
{ "pkinit_identity", krb5_config_string, NULL, 0 },
{ "pkinit_anchors", krb5_config_string, NULL, 0 },
{ "pkinit_pool", krb5_config_string, NULL, 0 },
{ "pkinit_revoke", krb5_config_string, NULL, 0 },
{ "pkinit_kdc_ocsp", krb5_config_string, NULL, 0 },
{ "pkinit_principal_in_certificate", krb5_config_string, NULL, 0 },
{ "pkinit_dh_min_bits", krb5_config_string, NULL, 0 },
{ "pkinit_allow_proxy_certificate", krb5_config_string, NULL, 0 },
{ "hdb-ldap-create-base", krb5_config_string, NULL, 0 },
{ "v4-realm", krb5_config_string, NULL, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry kadmin_entries[] = {
{ "password_lifetime", krb5_config_string, check_time },
{ "default_keys", krb5_config_string, NULL },
{ "use_v4_salt", krb5_config_string, NULL },
{ "require-preauth", krb5_config_string, check_boolean },
{ NULL }
{ "password_lifetime", krb5_config_string, check_time, 0 },
{ "default_keys", krb5_config_string, NULL, 0 },
{ "use_v4_salt", krb5_config_string, NULL, 0 },
{ "require-preauth", krb5_config_string, check_boolean, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry log_strings[] = {
{ "", krb5_config_string, check_log },
{ NULL }
{ "", krb5_config_string, check_log, 0 },
{ NULL, 0, NULL, 0 }
};
/* MIT stuff */
struct entry kdcdefaults_entries[] = {
{ "kdc_ports", krb5_config_string, mit_entry },
{ "v4_mode", krb5_config_string, mit_entry },
{ NULL }
{ "kdc_ports", krb5_config_string, mit_entry, 0 },
{ "v4_mode", krb5_config_string, mit_entry, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry capaths_entries[] = {
{ "", krb5_config_list, all_strings },
{ NULL }
{ "", krb5_config_list, all_strings, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry password_quality_entries[] = {
{ "policies", krb5_config_string, NULL },
{ "external_program", krb5_config_string, NULL },
{ "min_classes", krb5_config_string, check_numeric },
{ "min_length", krb5_config_string, check_numeric },
{ "", krb5_config_list, all_strings },
{ NULL }
{ "policies", krb5_config_string, NULL, 0 },
{ "external_program", krb5_config_string, NULL, 0 },
{ "min_classes", krb5_config_string, check_numeric, 0 },
{ "min_length", krb5_config_string, check_numeric, 0 },
{ "", krb5_config_list, all_strings, 0 },
{ NULL, 0, NULL, 0 }
};
struct entry toplevel_sections[] = {
{ "libdefaults" , krb5_config_list, libdefaults_entries },
{ "realms", krb5_config_list, realms_foobar },
{ "domain_realm", krb5_config_list, all_strings },
{ "logging", krb5_config_list, log_strings },
{ "kdc", krb5_config_list, kdc_entries },
{ "kadmin", krb5_config_list, kadmin_entries },
{ "appdefaults", krb5_config_list, appdefaults_entries },
{ "gssapi", krb5_config_list, NULL },
{ "capaths", krb5_config_list, capaths_entries },
{ "password_quality", krb5_config_list, password_quality_entries },
{ "libdefaults" , krb5_config_list, libdefaults_entries, 0 },
{ "realms", krb5_config_list, realms_foobar, 0 },
{ "domain_realm", krb5_config_list, all_strings, 0 },
{ "logging", krb5_config_list, log_strings, 0 },
{ "kdc", krb5_config_list, kdc_entries, 0 },
{ "kadmin", krb5_config_list, kadmin_entries, 0 },
{ "appdefaults", krb5_config_list, appdefaults_entries, 0 },
{ "gssapi", krb5_config_list, NULL, 0 },
{ "capaths", krb5_config_list, capaths_entries, 0 },
{ "password_quality", krb5_config_list, password_quality_entries, 0 },
/* MIT stuff */
{ "kdcdefaults", krb5_config_list, kdcdefaults_entries },
{ NULL }
{ "kdcdefaults", krb5_config_list, kdcdefaults_entries, 0 },
{ NULL, 0, NULL, 0 }
};