From 26e5159572d34d8cb08ac265f9e5209eb81cc857 Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Thu, 26 Nov 2009 10:06:22 -0800 Subject: [PATCH 1/4] Remove fd caching since we don't have unload (deconstructor) support basiclly this is reverting 164c99a4b414b614e5185a96ef8287331e9134eb the problem is when an application is using PAM loaded and unloaded and over again, the file descriptior never get closed on unload of the pam module. If main app already uses Heimdal, Heimdal doesn't get unloaded, but in some scenarios this happen more often. Since we now use fortuna for our internal random generator, this is not that bad. Bug found by Victor Guerra. --- lib/hcrypto/rand-unix.c | 38 ++++++++++---------------------------- 1 file changed, 10 insertions(+), 28 deletions(-) diff --git a/lib/hcrypto/rand-unix.c b/lib/hcrypto/rand-unix.c index fcad39f1d..4c1f33da5 100644 --- a/lib/hcrypto/rand-unix.c +++ b/lib/hcrypto/rand-unix.c @@ -42,9 +42,6 @@ #include "randi.h" -static int random_fd = -1; -static HEIMDAL_MUTEX random_mutex = HEIMDAL_MUTEX_INITIALIZER; - /* * Unix /dev/random */ @@ -93,44 +90,29 @@ static int unix_bytes(unsigned char *outdata, int size) { ssize_t count; - int once = 0; + int fd; if (size < 0) return 0; else if (size == 0) return 1; - HEIMDAL_MUTEX_lock(&random_mutex); - if (random_fd == -1) { - retry: - random_fd = get_device_fd(O_RDONLY); - if (random_fd < 0) { - HEIMDAL_MUTEX_unlock(&random_mutex); - return 0; - } - } + fd = get_device_fd(O_RDONLY); + if (fd < 0) + return 0; while (size > 0) { - HEIMDAL_MUTEX_unlock(&random_mutex); - count = read (random_fd, outdata, size); - HEIMDAL_MUTEX_lock(&random_mutex); - if (random_fd < 0) { - if (errno == EINTR) - continue; - else if (errno == EBADF && once++ == 0) { - close(random_fd); - random_fd = -1; - goto retry; - } - return 0; - } else if (count <= 0) { - HEIMDAL_MUTEX_unlock(&random_mutex); + count = read(fd, outdata, size); + if (count < 0 && errno == EINTR) + continue; + else if (count <= 0) { + close(fd); return 0; } outdata += count; size -= count; } - HEIMDAL_MUTEX_unlock(&random_mutex); + close(fd); return 1; } From d4dec5cfe3174ba278025a48dfe94211a586b450 Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Thu, 26 Nov 2009 10:26:27 -0800 Subject: [PATCH 2/4] Version Heimdal 1.3.2 Windows support --- NEWS | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/NEWS b/NEWS index 3f84285a7..84d975714 100644 --- a/NEWS +++ b/NEWS @@ -6,6 +6,17 @@ Release Notes - Heimdal - Version Heimdal 1.4 - KCM is polished up and now used in production - NTLM first class citizen, credentials stored in KCM - Table driven ASN.1 compiler, smaller!, not enabled by default + - Native Windows client support + +Release Notes - Heimdal - Version Heimdal 1.3.2 + + Bug fixes + + - Don't cache /dev/*random file descriptor, it doesn't get unloaded + - Make C++ safe + - Misc warnings + +Release Notes - Heimdal - Version Heimdal 1.3.1 Bug fixes From 50b6b639116f67661bb8404e6cfee4d6f0efaa2a Mon Sep 17 00:00:00 2001 From: Love Hornquist Astrand Date: Thu, 26 Nov 2009 10:28:21 -0800 Subject: [PATCH 3/4] add Allan McRae and Victor Guerra, sort --- doc/ack.texi | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/doc/ack.texi b/doc/ack.texi index 451da7134..52a530154 100644 --- a/doc/ack.texi +++ b/doc/ack.texi @@ -37,6 +37,7 @@ The @code{pkcs11.h} headerfile was written by the Scute project. Bugfixes, documentation, encouragement, and code has been contributed by: @table @asis @item Alexander Boström +@item Allan McRae @item Andrew Bartlett @item Andrew Cobaugh @item Anton Lundin @@ -64,8 +65,8 @@ Bugfixes, documentation, encouragement, and code has been contributed by: @item Marc Horowitz @item Mario Strasser @item Mark Eichin -@item Mattias Amnefelt @item Martin von Gagern +@item Mattias Amnefelt @item Michael B Allen @item Michael Fromberger @item Michal Vocu @@ -76,10 +77,11 @@ Bugfixes, documentation, encouragement, and code has been contributed by: @item Phil Fisher @item Rafal Malinowski @item Rainer Toebbicke -@item Roman Divacky @item Richard Nyberg +@item Roman Divacky @item Sho Hosoda, 細田 将 @item Stefan Metzmacher +@item Victor Guerra @item Zeqing Xia @item Åke Sandgren @item and we hope that those not mentioned here will forgive us. From 87d30c0e2303c4e0abb99d83057668b1d8b22a19 Mon Sep 17 00:00:00 2001 From: Brian May Date: Sun, 29 Nov 2009 21:47:29 -0800 Subject: [PATCH 4/4] glue for strsvisx --- cf/roken-frag.m4 | 3 ++- lib/roken/roken.h.in | 8 ++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/cf/roken-frag.m4 b/cf/roken-frag.m4 index 479f755c6..ae78e7e91 100644 --- a/cf/roken-frag.m4 +++ b/cf/roken-frag.m4 @@ -190,6 +190,7 @@ AC_CHECK_FUNCS([ \ setprogname \ setstate \ strsvis \ + strsvisx \ strunvis \ strvis \ strvisx \ @@ -388,7 +389,7 @@ AM_CONDITIONAL(have_fnmatch_h, AC_FOREACH([rk_func], [strndup strsep strtok_r], [AC_NEED_PROTO([#include ], rk_func)]) -AC_FOREACH([rk_func], [strsvis strunvis strvis strvisx svis unvis vis], +AC_FOREACH([rk_func], [strsvis strsvisx strunvis strvis strvisx svis unvis vis], [AC_NEED_PROTO([#ifdef HAVE_VIS_H #include #endif], rk_func)]) diff --git a/lib/roken/roken.h.in b/lib/roken/roken.h.in index edea16a8b..bf36c7eff 100644 --- a/lib/roken/roken.h.in +++ b/lib/roken/roken.h.in @@ -947,6 +947,14 @@ ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL strsvis(char *, const char *, int, const char *); #endif +#if !defined(HAVE_STRSVISX) || defined(NEED_STRSVISX_PROTO) +#ifndef HAVE_STRSVISX +#define strsvisx rk_strsvisx +#endif +ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL +strsvisx(char *, const char *, size_t, int, const char *); +#endif + #if !defined(HAVE_STRUNVIS) || defined(NEED_STRUNVIS_PROTO) #ifndef HAVE_STRUNVIS #define strunvis rk_strunvis