oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,892 Commits 2 Branches 2 Tags
sd-notify
Commit Graph

18285 Commits

Author SHA1 Message Date
Joseph Sutton
7369cbd11c krb5: Fix spelling of error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
05602c2286 hx509: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
ef083a0e2c hx509: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
61bf5009a0 hx509: Fix spelling of error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
d9d3dd448d hdb: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
7cb320b46a hdb: Fix error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
551f0c32fa base: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
a3878d3e9d wind: Deny invalid UTF-8 encodings 
Codepoints above U+10FFFF and overlong encodings are considered invalid.
Unpaired surrogates are not, as these are known to be generated on
occasion — by Windows, for example.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
bf25b38c0a wind: Support UTF-8–encoding non-BMP codepoints 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
ba63461cd4 wind: Support UTF-16–encoding non-BMP codepoints 
View with ‘git show -b’.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
821fac3648 wind: Use portable integer types 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
db70a76074 wind: Do not perform arithmetic on a NULL pointer 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
ed798da1f2 wind: Fix documentation comment 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Nicolas Williams
2ad736a579 hx509: Fix EACCES / ENOMEM confusion 2023-11-08 14:22:02 -06:00
Nicolas Williams
be0d1e68e5 hx509: Add support for CSRs w/ BasicConstraints 2023-11-08 14:22:02 -06:00
Joseph Sutton
487ba95669 wind: Don’t use invalid escape sequences 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
a18436d709 roken: Remove excess zeros in literals 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
30e3921ad1 krb5: Fix error condition 
‘ret’ can only ever be equal to zero.

Found by Coverity (Samba CID 1518754).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
b1f7a63e41 krb5: Fix error code mapping 
Found by Coverity (Samba CID 1518726).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
b0f196880c krb5: Check result of calling decode_Ticket() 
Found by Coverity (Samba CID 241005).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
0334d9e55a krb5: Check function return values 
Found by Coverity (Samba CID 240644).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
e53d594d05 krb5: Check return value of RAND_bytes() 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
62e63b2da6 krb5: Fix unused variable 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
a840986dc0 hx509: Check return value of RAND_bytes() 
Found by Coverity (Samba CID 1544600).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
d1b9d2c2f9 hx509: Add missing format specifier 
Found by Coverity (Samba CID 1544604).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
7ee2ddd71a hx509: Use correct format specifier 
Found by Coverity (Samba CID 1544606).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
13f96a2c89 hx509: Don’t pass excess arguments to variadic functions 
Found by Coverity (Samba CID 1544609).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
d71035e2d1 hdb: Initialize ‘tm’ structure 
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
806bf5f571 hdb: Initialize ‘tm’ structure 
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
f7bcd8665c hdb: Remove redundant assignment 
Found by Coverity (Samba CID 1544603).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
c3e3d02b01 hcrypto: Don’t cast away const 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Nicolas Williams
c922303dd0 asn1: Do not emit the same ASN.1 C comments repeatedly 2023-09-21 23:08:34 -04:00
Nicolas Williams
cfd2ccb546 asn1: Do not emit extra typedefs that cause warnings 2023-09-21 23:08:34 -04:00
Nicolas Williams
2a38fa17b5 kdc: Add global disable_pac config param 2023-06-23 13:44:13 -05:00
Nicolas Williams
f126ea6d62 kadm5: Add KRB5_KDB_AUTH_DATA_REQUIRED attribute 2023-06-23 13:44:13 -05:00
Nicolas Williams
3c4548025c hdb: Add auth-data-reqd flag 2023-06-23 13:44:13 -05:00
Taylor R Campbell
8ac4266021 Makefile.am: Set AM_YFLAGS and AM_LFLAGS, not YFLAGS or LFLAGS. 
YFLAGS and LFLAGS are reserved for the user to set, not for makefiles
to set:
https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html

fix https://github.com/heimdal/heimdal/issues/1171
 2023-06-21 20:06:58 -05:00
Taylor R Campbell
ca0e53b64f Pass -d to yacc(1) so it generates the header file. 
Bison must generate this unsolicited, but BSD yacc does not.

The makefiles for lib/com_err and lib/sl already did this; this
change just adds it to lib/asn1 and lib/hx509 too.

fix https://github.com/heimdal/heimdal/issues/1100
 2023-06-21 16:07:16 -05:00
Taylor R Campbell
e3e271ff70 hdb/hdb-mitdb: Nix unused variable key_data in mdb_seq. 
key_data is unused.  Presumably this was copypasta from DB_seq in
hdb/db.c, where it is used for the Heimdal database format in which
the value may be missing a principal but it can be recovered from the
key.  In contrast, the mit-krb5 format appears to always store the
principal in the value and _hdb_mdb_value2entry always retrieves it,
with no need for a key2principal fallback.

fix https://github.com/heimdal/heimdal/issues/1102
 2023-06-20 23:18:08 -05:00
Joseph Sutton
8640c7c168 krb5: Return appropriate error code 2023-06-20 18:02:15 -05:00
Joseph Sutton
c1bd7772ed third_party/heimdal: Fix deprecation messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Robert Manner
e8e8b78d65 hx509/hxtool.c: ensure parse_bytes() result does not overflow 2023-06-20 12:57:28 -05:00
Robert Manner
37cd2c16b8 asn1/check-gen.c: disable some non working bignum tests on 32 bit systems 2023-06-20 12:57:28 -05:00
Robert Manner
65e5b0ab79 roken/parse_bytes: fix test for >= terabyte units on 32 bit systems 
On 32 bit systems, sizeof(ssize_t) and sizeof(unsigned long aka UL) is
32 bits which is not able to hold the value of a terabyte.
 2023-06-20 12:57:28 -05:00
Taylor R Campbell
997916e3f6 krb5: Make heimdal_version and heimdal_long_version const. 
Pretty sure it is not useful for applications to be able to write to
this.

However, caveat: this could break programs that expect to pass around
&heimdal_version or &heimdal_long_version to functions that expect
pointers to non-const objects even if they don't modify them.
 2023-06-20 12:19:48 -05:00
Taylor R Campbell
426eb46441 com_err: Constify xyz_error_strings arrays. 
Note: This changes the types of public symbols.  It is unlikely that
any applications would rightly _write_ to these arrays, but it is
possible they might require some UNCONST in order to pass the
pointers to other functions that are missing const qualifiers.
 2023-06-20 12:19:48 -05:00
Taylor R Campbell
c69ce29a31 krb5/constants.c: Make some constants constant. 
This changes the public header file but I doubt it was ever intended
that applications could change these by writing to them.  (Not sure
why they're not declared as const arrays in any case.)
 2023-06-20 12:19:48 -05:00
Taylor R Campbell
fdbf355be0 ipc/client.c: Make never-modified global ipcstable const. 2023-06-20 12:19:48 -05:00
Taylor R Campbell
29b1faaef6 krb5/send_to_kdc.c: Constify plugin stuff. 2023-06-20 12:19:48 -05:00
Taylor R Campbell
c644d051d8 krb5/pcache.c: Constify plugin stuff. 2023-06-20 12:19:48 -05:00