a9f21ebdac
roken: Const-qualify sys_errlist
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
744678eb03
krb5: Use NULL pointer constant
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
e8b42d9d42
hx509: Fix incorrect documentation comment
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
bbe9c83b19
hx509: Remove unused variable
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
59f89e4b15
hx509: Avoid misleading error message
...
If ‘keyid’ is an empty string, then the numeric error code that gets
appended to this error message may be mistaken for the key ID. Address
this by not mentioning any ID in such cases.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
df6c33ff1e
hx509: Use NULL pointer constant
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
e9bc20f5da
hcrypto: Fix errors produced by compiling with FORTIFY_SOURCE=2
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:37:56 -05:00
1f88e8c919
wind: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
a4b4e982f3
krb5: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
7369cbd11c
krb5: Fix spelling of error messages
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
05602c2286
hx509: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
ef083a0e2c
hx509: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
61bf5009a0
hx509: Fix spelling of error messages
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
d9d3dd448d
hdb: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
7cb320b46a
hdb: Fix error messages
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
551f0c32fa
base: Fix code spelling
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-28 21:34:35 -05:00
a3878d3e9d
wind: Deny invalid UTF-8 encodings
...
Codepoints above U+10FFFF and overlong encodings are considered invalid.
Unpaired surrogates are not, as these are known to be generated on
occasion — by Windows, for example.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
bf25b38c0a
wind: Support UTF-8–encoding non-BMP codepoints
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
ba63461cd4
wind: Support UTF-16–encoding non-BMP codepoints
...
View with ‘git show -b’.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
821fac3648
wind: Use portable integer types
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
db70a76074
wind: Do not perform arithmetic on a NULL pointer
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
ed798da1f2
wind: Fix documentation comment
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-08 14:58:21 -06:00
2ad736a579
hx509: Fix EACCES / ENOMEM confusion
2023-11-08 14:22:02 -06:00
be0d1e68e5
hx509: Add support for CSRs w/ BasicConstraints
2023-11-08 14:22:02 -06:00
487ba95669
wind: Don’t use invalid escape sequences
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
a18436d709
roken: Remove excess zeros in literals
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
30e3921ad1
krb5: Fix error condition
...
‘ret’ can only ever be equal to zero.
Found by Coverity (Samba CID 1518754).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
b1f7a63e41
krb5: Fix error code mapping
...
Found by Coverity (Samba CID 1518726).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
b0f196880c
krb5: Check result of calling decode_Ticket()
...
Found by Coverity (Samba CID 241005).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
0334d9e55a
krb5: Check function return values
...
Found by Coverity (Samba CID 240644).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
e53d594d05
krb5: Check return value of RAND_bytes()
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
62e63b2da6
krb5: Fix unused variable
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
a840986dc0
hx509: Check return value of RAND_bytes()
...
Found by Coverity (Samba CID 1544600).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
d1b9d2c2f9
hx509: Add missing format specifier
...
Found by Coverity (Samba CID 1544604).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
7ee2ddd71a
hx509: Use correct format specifier
...
Found by Coverity (Samba CID 1544606).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
13f96a2c89
hx509: Don’t pass excess arguments to variadic functions
...
Found by Coverity (Samba CID 1544609).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
d71035e2d1
hdb: Initialize ‘tm’ structure
...
‘tm’ must be initialized prior to calling strptime().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
806bf5f571
hdb: Initialize ‘tm’ structure
...
‘tm’ must be initialized prior to calling strptime().
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
f7bcd8665c
hdb: Remove redundant assignment
...
Found by Coverity (Samba CID 1544603).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
c3e3d02b01
hcrypto: Don’t cast away const
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-11-02 20:19:54 -05:00
c922303dd0
asn1: Do not emit the same ASN.1 C comments repeatedly
2023-09-21 23:08:34 -04:00
cfd2ccb546
asn1: Do not emit extra typedefs that cause warnings
2023-09-21 23:08:34 -04:00
2a38fa17b5
kdc: Add global disable_pac config param
2023-06-23 13:44:13 -05:00
f126ea6d62
kadm5: Add KRB5_KDB_AUTH_DATA_REQUIRED attribute
2023-06-23 13:44:13 -05:00
3c4548025c
hdb: Add auth-data-reqd flag
2023-06-23 13:44:13 -05:00
8ac4266021
Makefile.am: Set AM_YFLAGS and AM_LFLAGS, not YFLAGS or LFLAGS.
...
YFLAGS and LFLAGS are reserved for the user to set, not for makefiles
to set:
https://www.gnu.org/software/automake/manual/html_node/Flag-Variables-Ordering.html
fix https://github.com/heimdal/heimdal/issues/1171
2023-06-21 20:06:58 -05:00
ca0e53b64f
Pass -d to yacc(1) so it generates the header file.
...
Bison must generate this unsolicited, but BSD yacc does not.
The makefiles for lib/com_err and lib/sl already did this; this
change just adds it to lib/asn1 and lib/hx509 too.
fix https://github.com/heimdal/heimdal/issues/1100
2023-06-21 16:07:16 -05:00
e3e271ff70
hdb/hdb-mitdb: Nix unused variable key_data in mdb_seq.
...
key_data is unused. Presumably this was copypasta from DB_seq in
hdb/db.c, where it is used for the Heimdal database format in which
the value may be missing a principal but it can be recovered from the
key. In contrast, the mit-krb5 format appears to always store the
principal in the value and _hdb_mdb_value2entry always retrieves it,
with no need for a key2principal fallback.
fix https://github.com/heimdal/heimdal/issues/1102
2023-06-20 23:18:08 -05:00
8640c7c168
krb5: Return appropriate error code
2023-06-20 18:02:15 -05:00
c1bd7772ed
third_party/heimdal: Fix deprecation messages
...
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz >
2023-06-20 18:02:15 -05:00
Joseph Sutton