oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,661 Commits 2 Branches 2 Tags
666ee41759920ead6013386da28b5a831e11fedf
Commit Graph

30661 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Luke Howard
666ee41759 roken: fix Solaris build 
libroken needs to be linked against libsocket for socket()
 2023-01-07 12:08:30 +11:00
Luke Howard
62f83ad024 base: don't duplicate prototypes in heimbase.h 2023-01-07 12:08:25 +11:00
Luke Howard
b3f6f4c125 base: include config.h 
Solaris requires __EXTENSIONS__ to be defined before including string.h so that
the strnlen() prototype is visible
 2023-01-07 11:40:48 +11:00
Luke Howard
37f7c5476d roken: fix Solaris build 
libroken needs to be linked against libnsl for inet_ntoa()
 2023-01-07 11:40:44 +11:00
Nicolas Williams
ece456b028 krb5: Do not fail to rd_req if no AD-KDC-ISSUED 
We reject tickets that have no AD-KDC-ISSUED(!).

This was reported by Samba.  The workaround they found was to set
check_pac = true in krb5.conf, as that clobbers the ret from
krb5_ticket_get_authorization_data_type() not having found an
AD-KDC-ISSUED element.

This was introduced in 1cede09a0b.
 2023-01-05 17:57:36 -06:00
Nicolas Williams
b87b813fee sanon: Fix export/import_cred mismatch 
SANON cred export/import never worked correctly as the export function was
producing the wrong form of token, which was leading gss_import_cred() to
allocate more than 64MB of memory to parse the SANON exported credential.  The
recent change to reduce the default `max_alloc` of krb5_storage exposed this.
 2023-01-05 16:58:57 -06:00
Nicolas Williams
561c60ca29 kdc: Explicitly ignore return in audit code 2023-01-04 16:25:22 -06:00
Nicolas Williams
a13c3fc32c httpkadmind: If early ENOMEM, close the connection 2023-01-04 16:24:55 -06:00
Nicolas Williams
e27ddc6596 bx509d: If early ENOMEM, close the connection 2023-01-04 16:24:32 -06:00
Nicolas Williams
23c13886c4 bx509: Fix error path NULL dereference 2023-01-04 16:23:56 -06:00
Nicolas Williams
cc631eb63f gssmask: Fix wrong sizeof() expression 2023-01-04 16:23:07 -06:00
Nicolas Williams
d2bc2a4ce5 kadmin: Fix return value non-checking in format_field() 2023-01-04 16:22:41 -06:00
Nicolas Williams
ad86671923 kadm5: Fix return value non-checking 2023-01-04 16:22:12 -06:00
Nicolas Williams
5725353a36 negoex: Fix incorrect ENOMEM check in storage_from_memory() 2023-01-04 16:21:34 -06:00
Nicolas Williams
3bdb1167c2 gsskrb5: Explicitly ignore return from _gsskrb5_lifetime_left() 2023-01-04 16:21:11 -06:00
Nicolas Williams
f99145ad78 gsskrb5: Add missing unlock in _gsskrb5_duplicate_cred() failure case 2023-01-04 16:20:32 -06:00
Nicolas Williams
485b5d575a hxtool: Check hx509_request_init() return 2023-01-04 16:17:57 -06:00
Nicolas Williams
fefc380568 krb5: Quiet warning in socket_free() 2023-01-04 16:17:30 -06:00
Nicolas Williams
45cd575d83 krb5: Reduce storage max_alloc 2023-01-04 16:17:09 -06:00
Nicolas Williams
ae4ccb87da asn1: Don't check for NULL when it's not (template_members()) 2023-01-04 16:07:13 -06:00
Nicolas Williams
933f805079 wind: Quiet warnings in idn-lookup utility 2023-01-04 16:06:06 -06:00
Nicolas Williams
ede0c59d4b ipc: Quiet warning about ignoring fcntl() and chmod() return values 2023-01-04 16:05:38 -06:00
Nicolas Williams
c157054c51 roken: Move dead code in rk_time_add/sub() into #ifdefs 2023-01-04 16:05:04 -06:00
Nicolas Williams
5395918877 roken: Quiet warning about ignoring fcntl() return value 2023-01-04 16:04:40 -06:00
Nicolas Williams
1d5435043a roken: Move dead code in rk_getauxval() into #ifdefs 2023-01-04 16:03:35 -06:00
Nicolas Williams
2d5880734b httpkadmind: Quiet warning 2023-01-04 02:23:01 -06:00
Nicolas Williams
cb09267ed9 kdc: Fix deref-before-NULL-check in _kdc_db_fetch() 2023-01-04 02:07:25 -06:00
Nicolas Williams
6b2e65592d krb5: Limit AP-REQs to 1MB in krb5_recvauth*() 2023-01-04 02:03:12 -06:00
Nicolas Williams
1d06e8fcb9 hcrypto: Quell div-by-zero in mp_root_u32() 2023-01-04 02:02:44 -06:00
Nicolas Williams
ffd4013be7 kadmin: Fix uninit variable in add_kvno_diff() 2023-01-04 01:48:34 -06:00
Luke Howard
2a594a3bd1 base: Fix CID 1518898 Resource leak 
Don't leak new_node if invalid node type in heim_path_vcreate()
 2023-01-04 01:36:03 -06:00
Nicolas Williams
f2b25c1493 otp: Fix write-but-not-read variable warning 2023-01-04 01:36:03 -06:00
Nicolas Williams
0bedcc5c62 appl: Fix warnings in test utils 2023-01-04 01:36:03 -06:00
Nicolas Williams
a791f45e62 iprop: Fix leak in ipropd-master 2023-01-04 01:36:03 -06:00
Nicolas Williams
8c23a706f3 admin: Fix double-free in keytab JSON listing 2023-01-04 01:36:03 -06:00
Nicolas Williams
dfe592ef35 kadmin: Fix uninit variable in cpw --key 2023-01-04 01:36:03 -06:00
Nicolas Williams
95a458adbd kadmin: Add missing error check in ank 2023-01-04 01:36:03 -06:00
Nicolas Williams
31ee9c0ce5 kadmind: Quiet tainted data warning 2023-01-04 01:36:03 -06:00
Nicolas Williams
cfb2c74923 kadmind: Add fuzzing options 2023-01-04 01:36:03 -06:00
Nicolas Williams
1baec53f8d kpasswdd: Fix out-of-bounds read (#1058) 2023-01-04 01:36:02 -06:00
Nicolas Williams
914cd2f31c ktutil: Fix leak 2023-01-04 01:36:02 -06:00
Nicolas Williams
82475cbf8e httpkadmind: Fix ENOMEM leak 2023-01-04 01:36:02 -06:00
Nicolas Williams
cd4e693865 httpkadmind: Quiet set-but-not-use variable warning 2023-01-04 01:36:02 -06:00
Nicolas Williams
1a0e535871 hpropd: Fix use-after-free? (WIP) 2023-01-04 01:36:02 -06:00
Nicolas Williams
12160382a0 bx509d: Fix leaks 2023-01-04 01:36:02 -06:00
Nicolas Williams
c6074377bc bx509d: Fix free() of text string 
Also fix a leak, and quiet some warnings.
 2023-01-04 01:36:02 -06:00
Nicolas Williams
e3bcc21dcb test_token_validator: Quiet set-but-not-use variable warning 2023-01-04 01:36:02 -06:00
Nicolas Williams
90856e35cc test_csr_authorizer: Fix use-after-free 2023-01-04 01:36:02 -06:00
Nicolas Williams
6cf01fea19 kdc: Quiet warnings re: debug logging 2023-01-04 01:36:02 -06:00
Nicolas Williams
d33e26de1a kdc: Quiet set-but-not-use variable warning in HDB dump code 2023-01-04 01:36:02 -06:00