oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,314 Commits 2 Branches 2 Tags
27d7939d74392459741c6c99690b74f193c269c7
Commit Graph

28314 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nicolas Williams
27d7939d74 Improve valgrind suppressions 2016-12-06 22:44:23 -06:00
Nicolas Williams
6e5bbbf65d Fix FAST client memleak 2016-12-06 22:44:23 -06:00
Jelmer Vernooij
650d730d0d Increase timeout when waiting for iprop-slave. 
This is required when running on slower platforms. We're hitting the
timeout building on mips.
 2016-12-04 17:40:38 -06:00
Jelmer Vernooij
846a62a39e Use actual libdir/includedir in krb5-config and pc files. (#219) 
This fixes the library path on e.g. systems like Debian which specify a
custom includedir and libdir.
 2016-12-03 18:31:43 -06:00
Viktor Dukhovni
f0a772e3e6 More robust kadm5 server handle init and cleanup 2016-12-03 01:36:53 -05:00
Viktor Dukhovni
7209b72869 Bump master version to 7.99.1 (8.0-dev) 2016-12-02 22:38:00 -05:00
Nicolas Williams
de4bd036e1 lib/kadm5 parallel build fix went too far 2016-11-28 21:56:16 -06:00
Nicolas Williams
923105d130 Fix lib/kadm5 parallel build 2016-11-28 21:48:45 -06:00
Nicolas Williams
16b77f7dfa Fix make dist 2016-11-28 21:35:34 -06:00
Nicolas Williams
e5126ab924 Fix warnings 2016-11-28 17:34:44 -06:00
Nicolas Williams
3ba12317a0 Misc fixes (coverity) 2016-11-28 15:09:55 -06:00
Nicolas Williams
f38089257b Misc fixes (coverity) 2016-11-20 17:43:51 -06:00
Nicolas Williams
6696920d9e Fix leak in krb5_rd_rep() callers 2016-11-20 17:43:51 -06:00
Nicolas Williams
943e76f99b Fix leak in hx509_general_name_unparse() 2016-11-20 17:43:51 -06:00
Jeffrey Altman
d9f7718a42 gss/krb5: gsskrb5_acceptor_start authenticator leak (take two) 
Change-Id: I11be62ab806ea89258fe60e29e6d6488908070fa
 2016-11-19 23:59:30 -05:00
Jeffrey Altman
2be6646adc gss/krb5: gsskrb5_acceptor_start authenticator leak 
Change-Id: I78c546590776ae4c30a49bfb919285b0eb15a06b
 2016-11-19 10:18:12 -05:00
Jeffrey Altman
a1d3ab05c4 kdc: start_kdc avoid warning 
The prior structure of the code was safe but can appear otherwise to
static analyzers since the assignment to pids[i] occurs after exitting
the for() loop.

While here use calloc() instead of malloc()/memset().

Change-Id: I8455aa259fd8c7c17778827937ec26127fe0785c
 2016-11-19 09:57:14 -05:00
Jeffrey Altman
989a7c3379 kadm5: kadm5_add_passwd_quality_verifier memory leak 
if krb5_get_config_strings() returns the empty string do not return
immediately.  Instead the for() loop will be skipped because the empty
string represents the end of the string list permitting
krb5_config_free_strings() to free the allocated memory.

Change-Id: Ia6fdb13f716c07b53c8b3857af4f7ab8be578882
 2016-11-19 08:23:06 -05:00
Jeffrey Altman
a33b6d6b78 hdb: more read_master_key leaks 
Change-Id: Icf0bb8dc3cdcd2babb91b4180cec37737772373d
 2016-11-19 08:18:39 -05:00
Jeffrey Altman
bdfc24e9c0 kadmind: kadmin_dispatch leaks memory 
Change-Id: I8bc332c4c9b7a8dc1d63494a82ec7af89c0ec7ca
 2016-11-19 07:43:39 -05:00
Jeffrey Altman
055edd9669 kadm5: kadm5_add_passwd_quality_verifier leaks 'strs' 
Change-Id: Ibcc3f512016a4a095eacbd710c395aaf93c4b7f7
 2016-11-19 07:28:42 -05:00
Jeffrey Altman
6f917463ff hdb: read_master_key use free_master_key on error 
If an error occurs during read_masker_key() processing, use
free_master_key() to perform cleanup.

Change-Id: Idc0ad0131ea4855207232e9773772106cb4f5945
 2016-11-19 07:25:40 -05:00
Jeffrey Altman
04f17a5bae kadmin: stash() do not leak 'mkey' if early exit 
Change-Id: I4d9f847e833a895933dcd69cc1e7aed80d85aea5
 2016-11-19 02:16:19 -05:00
Jeffrey Altman
2f62c7c77e roken: rk_undumpdata free allocation on error 
Do not return allocated memory and an error code.
Free it instead so as to avoid memory leaks.

Change-Id: I47d42be0f6bc52062c57c00c37b665ee2f2811ce
 2016-11-19 02:08:58 -05:00
Jeffrey Altman
d8e7027c9d admin: do_list do not shadow local variables 
Remove second declaration of 's' which shadows an existing variable.

Change-Id: I2277663ab051fb4ed10823fb43489cee06bb502b
 2016-11-19 02:04:07 -05:00
Jeffrey Altman
348c425686 kdc: tgs_build_reply remove unused variable 
tgt_realm is assigned a value but is never used in tgs_build_reply().

Change-Id: I882a127f40947b9c8755af5c28f1b19d66263b4c
 2016-11-19 02:01:42 -05:00
Jeffrey Altman
0dc3d21724 hdb: read_master_key add parens around (*mkey) 
Add parens around the use of (*mkey)->next.

Change-Id: I3b60c2432d1c5dee8483795bed52ff24c7aa6a70
 2016-11-19 01:26:08 -05:00
Jeffrey Altman
9e72c475ae hdb: need prototypes for hdb_ldap[i]_create 
Commit 4b6bd40106 made hdb_ldap_create and
hdb_ldapi_create static in the OPENLDAP_MODULE case.  However, by
failing to leave a blank line between the static and the function
declaration the perl program that produces the hdb-protos.h file
skips the functions.

Add appropriate spacing.

Change-Id: I9ad24176fc31a0bce92b51f7adab141e8fa70fa3
 2016-11-19 01:23:08 -05:00
Jeffrey Altman
11d1c81c27 kadmin: add_users leaks 'words' 
Change-Id: I2607c8f0d774dd31d3b7f2341a65f4d43867548f
 2016-11-19 00:21:42 -05:00
Jeffrey Altman
e772511b78 hdb: read_master_keytab free memory on failure 
read_master_keytab() should always return with *mkey == NULL on
failure.  Doing otherwise can result in memory leaks or use of
an uninitialized pointer.

Change-Id: Ice1fd504ca573d73bb51dd3b01770c3f8bc59fd4
 2016-11-19 00:16:59 -05:00
Jeffrey Altman
cdf5d324e3 kdc: _kdc_fast_unwrap_request leaks 'buf' 
Change-Id: If4d3852112dadc331db1d3601b2c7bd6b3129429
 2016-11-18 23:59:47 -05:00
Jeffrey Altman
a3e95f16b7 krb5: _kdc_encode_reply leaks 'buf' if early exit 
Change-Id: I9e94535cd974ba463f813982325440a4ad8ba217
 2016-11-18 23:53:53 -05:00
Nicolas Williams
52a562a3a4 Misc fixes (coverity) 2016-11-18 22:21:45 -06:00
Nicolas Williams
4b6bd40106 Quiet warning in --enable-hdb-openldap-module case 
Functions that are not exported in this case should be static in this
case.
 2016-11-18 22:21:45 -06:00
Jeffrey Altman
2fda484c2f kuser: generate_requests leaks 'words' 
Change-Id: I67a4b4cdab5bf32b9d2b28d8429bb31202cd3b6b
 2016-11-18 23:06:04 -05:00
Jeffrey Altman
5debfae6d1 er: klist print_tickets leaks 'str' 
Change-Id: Ie86f3a9d64ceb6d44cd36be06700194b978247c9
 2016-11-18 23:04:06 -05:00
Jeffrey Altman
26dd1edaa9 kswitch: memory leaks 
ids and name must be freed before they go out of scope.

Change-Id: I0133c27994f7dc2832cea6b8529c060ed779c2ab
 2016-11-18 22:51:59 -05:00
Jeffrey Altman
d4622f12e5 gssmask: HandleOp unused var principal 
Always NULL.

Change-Id: I65074562b029effcec62c4edb5d33e3289a634db
 2016-11-18 21:59:18 -05:00
Jeffrey Altman
69fbbfdfcb krb5: fix verify_conf syslog facility check 
search for facility not severity

Change-Id: I79e9104d1fd27e8d11f7f9c6006676d947086ac5
 2016-11-18 21:24:26 -05:00
Jeffrey Altman
89d87ab66a kadmin: do_mod_entry copy and paste error 
when testing hist_kvno_diff_svc_integer do not use
hist_kvno_diff_clnt_integer.

Change-Id: Ib1d0224cdb1bab95ef0b104026f854cbfd8f736f
 2016-11-18 21:18:55 -05:00
Jeffrey Altman
5cf454ca54 krb5: _krb5_expand_path_tokens missing va_end() 
when returning early due to memory allocation error must call va_end()

Change-Id: Icc42771c166453f67679334cea19ed9be692bd87
 2016-11-18 21:12:36 -05:00
Jeffrey Altman
97a40d8838 hdb: hdb_add_aliases frees uninitialized memory 
This bug was never shipped in a release.  It was introduced by commit
1c81ddf4e2.

Change-Id: Ia9f6d69b2858a75cc51e50034fe70e29f13b8fc1
 2016-11-18 20:58:39 -05:00
Jeffrey Altman
d07fe95b61 krb5: krb5_data_free() do not test before free() 
Change-Id: I739eb0b227eb7885bb83b6e68eaf39db81b1ceb5
 2016-11-18 20:43:19 -05:00
Nicolas Williams
7fa85e6d6d Round #3 of scan-build warnings cleanup 2016-11-16 23:27:27 -06:00
Nicolas Williams
1c81ddf4e2 Round #2 of scan-build warnings cleanup 2016-11-16 17:03:14 -06:00
Nicolas Williams
953dc07391 Round #1 of scan-build warnings cleanup 2016-11-15 21:27:20 -06:00
Nicolas Williams
274021f7db Make check-ldap run on Ubuntu 
Apparmor on Ubuntu prevents slapd from using the Unix domain socket we
want it to.  The fix is to copy the slapd executable into the objdir,
which disables the apparmor profile for slapd.

Also, make sure the ldapi: URI has the right path for the socket in
krb5.conf.
 2016-11-15 15:35:29 -06:00
Nicolas Williams
995966f9d1 Fix hdb_create() HDB dbname parsing 2016-11-15 15:35:19 -06:00
Nicolas Williams
2c20a5a8bc Set KRB5_CONFIG earlier in check-ldap 
Otherwise the kdc won't find the plugin.
 2016-11-15 14:16:54 -06:00
Nicolas Williams
475c222472 Fix lib/hdb/test_hdbplugin 2016-11-15 13:54:45 -06:00