If the file is not a regular file, the 'fname' buffer will be freed
before it is passed to the krb5_set_error_message() routine. That
this is true is not obvious from code inspection but 'newfname'
and 'fname' refer to the same memory.
Change-Id: I7780eae9ceaf01b245df488a2f7d7f406770864f
Must export hdb_generate_key_set_password_with_ks_tuple() on Windows
which was introduced in 4303174a49.
Change-Id: Iea2993a17aba44c7cb0360716138c26239254e05
The change to the signature of hdb_generate_key_set_password() in
Heimdal 7.1 broke API/ABI compatibility with previous releases. We
fix this by renaming it hdb_generate_key_set_password_with_ks_tuple()
and creating a new hdb_generate_key_set_password() which calls our
new function with zeroes for the added arguments.
Issue #246https://github.com/heimdal/heimdal/issues/246
Each KDC is a kx509 server. The service principal must be of the
form
kca_service/<localhost.domain>@<DEFAULT_REALM>
where localhost.domain is the hostname returned by gethostname()
and <DEFAULT_REALM> is one of the realms for which the KDC has a service
principal "kca_service/<localhost.domain>".
The matching code was broken by a5e77c578e
when krb5_sname_to_principal() began to always return a referral
principal.
Since the second component is a host name update the default principal
type for service "kca_service" to be KRB5_NT_SRV_HST.
Change-Id: I6bd5f90b674ebb7220d8efafa6d339fdc21e1a07
Commit 7dc4481ed2 which changed from
pidfile -> rk_pidfile was incomplete. Must handle the NO_PIDFILE case.
Change-Id: Ifc0b135e1fa7abdf4e370ad4b8fe2eb1305760f5
If some external library lives in a directory in which Heimdal is
already installed, we may pick up LD_LIBRARY_PATH Heimdal objects
from a different release. Move the external deps to the end, to
ensure a more appropriate LD_LIBRARY_PATH.
We should really check whether pthread_once() is in libc so that then we
don't have to add an unnecessary dependency on -lpthread.
Also, we have a proper once implementation that we could use when we
don't have pthread_once(), so we should fallback on that if we detect
that we have neither pthread_once() in libc and --disable-pthread is
given.
