We build variants of kinit and test_acquire_cred that define their
own symbols rk_dns_lookup, gethostbyname, gethostbyname2, and
getaddrinfo to print a message and abort. For getaddrinfo, we abort
only if the caller failed to specify AI_NUMERICHOST; otherwise we use
dlsym(RTLD_NEXT, "getaddrinfo") instead.
The new test tests/gss/check-nodns is like tests/gss/check-basic, but
uses kinit_auditdns and test_acquire_cred_auditdns to verify that no
DNS resolution happens.
This test should work and be effective on ELF platforms where the
getaddrinfo function is implemented by the symbol `getaddrinfo'. On
non-ELF platforms it may not be effective -- and on platforms where
the getaddrinfo function is implemented by another symbol (like
`__getaddrinfo50') it may not work, but we can cross that bridge when
we come to it.
Verified manually that the test fails, with the expected error
message and abort, without `block_dns = yes' in krb5-nodns.conf. No
automatic test of the mechanism for now because it might not work on
some platforms.
XXX check-nodns.in is copypasta of check-basic.in, should factor out
the common parts so they don't get out of sync.
Previously, the hostname was initialized to `localhost'. If it was
not cleared by init_syslog, init_logger_addr (via openlog) would
query gethostbyname to find the IP address of `localhost', which will
essentially always be 127.0.0.1. But if it was cleared by
init_syslog, init_logger_addr would return 127.0.0.1 anyway.
This way, it always returns 127.0.0.1 in the event of no init_syslog
call, and avoids a DNS lookup. You can always force a DNS lookup by
passing `localhost' to init_syslog explicitly, of course.
I'm not sure if anything even uses this as a fallback in Heimdal, but
let's avoid leaving a rake to step on.
If block_dns is set, call getaddrinfo with AI_NUMERICHOST set and
AI_CANONNAME clear.
Some paths may not have set AI_CANONNAME, but it's easier to audit
this way when the getaddrinfo prelude is uniform across call sites,
and the compiler can optimize it away.
heimdal uses 8-byte (64-bits) atomic operations for a while now (ie in
lib/krb5/krcache.c). however some platforms (ie i386, i486, ARM < 7)
don't support them natively and need to be linked against libatomic in
order to implement functionallity from <stdatomic.h>.
if the header was found check 64-bit atomics work without any additional
libraries. if not try to add linking with libatomic. if that fails as
well fallback to -DHEIM_BASE_ATOMICS_FALLBACK
no change for platfroms without <stdatomic.h>
Fixes: #1186
Instead of freeing host->ai on return from submit_request in the
http_proxy path, stash the proxy's ai in another member host->freeai
which will be freed when host is freed.
Assumption: All hosts created in submit_request cease to be used
before any of them are freed, so it's safe to pick one host to hang
the proxy's ai on and free the ai when that host is freed.
fix https://github.com/heimdal/heimdal/issues/1205
In the future we should also make it so that `make check` for `tests/db`,
`tests/gss`, and `tests/kdc` first initializes all the realms and starts all
the daemons, then runs the actual checks possibly in parallel, then shuts down
the daemons. This will require quite a bit of work, so for now we just disable
parallel make in those directories.
If multiple valid CRLs are specified for a particular issuer, only the
first will be checked. The documentation didn’t really hint at this.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
If ‘keyid’ is an empty string, then the numeric error code that gets
appended to this error message may be mistaken for the key ID. Address
this by not mentioning any ID in such cases.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Codepoints above U+10FFFF and overlong encodings are considered invalid.
Unpaired surrogates are not, as these are known to be generated on
occasion — by Windows, for example.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Under C99, Sec 6.2.4, paragraph 2:
The value of a pointer becomes indeterminate when the object it
points to reaches the end of its lifetime.
`Indeterminate' (3.17.2) includes a trap representation, and any
reference to a trap representation is undefined behaviour. Thus,
after realloc(res, ...) succeeds, any reference to res (or p) is
undefined behaviour.
So, instead of using `p - res` after res has been freed, use the
existing name for the value we know it has now: len. (We could also
use alloced because p == end in this branch, and end = res + alloced,
and p = res + len. Of course, we would have to move it up a line to
before we update alloced to have a different value.)
fix https://github.com/heimdal/heimdal/issues/1164
