oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,594 Commits 2 Branches 2 Tags
b0b4510f9f49ab3b2bd0ce724a400f3dd03bd97c
Commit Graph

18096 Commits

Author SHA1 Message Date
Nicolas Williams
995c8279b1 One more missing file 2016-12-15 12:21:17 -06:00
Nicolas Williams
3e65dfbc32 Fix make dist missing files (#228) 2016-12-15 12:15:56 -06:00
Viktor Dukhovni
3657f23a9e Fix more doxygen bitrot 2016-12-15 04:28:21 -05:00
Nicolas Williams
2ebec2e4ec Fix some Doxygen warnings 2016-12-14 22:05:46 -06:00
Viktor Dukhovni
a1c505309c More extensive SRV order tests 
Based largely on initial version by Nico.
 2016-12-12 19:42:11 -05:00
Viktor Dukhovni
32f8564296 Fix incorrect scaling of weight 0 SRV records 
Loosely based on patch by Nico.
 2016-12-12 17:51:13 -05:00
Nicolas Williams
a7f8732d79 Fix #182, add -lpthread to libheimbase as needed 
We should really check whether pthread_once() is in libc so that then we
don't have to add an unnecessary dependency on -lpthread.

Also, we have a proper once implementation that we could use when we
don't have pthread_once(), so we should fallback on that if we detect
that we have neither pthread_once() in libc and --disable-pthread is
given.
 2016-12-08 18:44:41 -06:00
Nicolas Williams
87b234e154 roken_detach_prep() close pipe 2016-12-06 22:44:23 -06:00
Nicolas Williams
d609264a00 Only rm pidfile if PID matches 2016-12-06 22:44:23 -06:00
Nicolas Williams
a6e8ff2ae5 pidfile(): write newline too 2016-12-06 22:44:23 -06:00
Nicolas Williams
12eb54d03f rk_pidfile() should call pidfile() if HAVE_PIDFILE 
This is necessary so we can use --detach in tests even on NetBSD and
OpenBSD.
 2016-12-06 22:44:23 -06:00
Nicolas Williams
bbaae5f43c Fix 32-bit time_t regression (#220) 2016-12-06 22:44:23 -06:00
Nicolas Williams
6e5bbbf65d Fix FAST client memleak 2016-12-06 22:44:23 -06:00
Viktor Dukhovni
f0a772e3e6 More robust kadm5 server handle init and cleanup 2016-12-03 01:36:53 -05:00
Nicolas Williams
de4bd036e1 lib/kadm5 parallel build fix went too far 2016-11-28 21:56:16 -06:00
Nicolas Williams
923105d130 Fix lib/kadm5 parallel build 2016-11-28 21:48:45 -06:00
Nicolas Williams
e5126ab924 Fix warnings 2016-11-28 17:34:44 -06:00
Nicolas Williams
3ba12317a0 Misc fixes (coverity) 2016-11-28 15:09:55 -06:00
Nicolas Williams
f38089257b Misc fixes (coverity) 2016-11-20 17:43:51 -06:00
Nicolas Williams
6696920d9e Fix leak in krb5_rd_rep() callers 2016-11-20 17:43:51 -06:00
Nicolas Williams
943e76f99b Fix leak in hx509_general_name_unparse() 2016-11-20 17:43:51 -06:00
Jeffrey Altman
d9f7718a42 gss/krb5: gsskrb5_acceptor_start authenticator leak (take two) 
Change-Id: I11be62ab806ea89258fe60e29e6d6488908070fa
 2016-11-19 23:59:30 -05:00
Jeffrey Altman
2be6646adc gss/krb5: gsskrb5_acceptor_start authenticator leak 
Change-Id: I78c546590776ae4c30a49bfb919285b0eb15a06b
 2016-11-19 10:18:12 -05:00
Jeffrey Altman
989a7c3379 kadm5: kadm5_add_passwd_quality_verifier memory leak 
if krb5_get_config_strings() returns the empty string do not return
immediately.  Instead the for() loop will be skipped because the empty
string represents the end of the string list permitting
krb5_config_free_strings() to free the allocated memory.

Change-Id: Ia6fdb13f716c07b53c8b3857af4f7ab8be578882
 2016-11-19 08:23:06 -05:00
Jeffrey Altman
a33b6d6b78 hdb: more read_master_key leaks 
Change-Id: Icf0bb8dc3cdcd2babb91b4180cec37737772373d
 2016-11-19 08:18:39 -05:00
Jeffrey Altman
055edd9669 kadm5: kadm5_add_passwd_quality_verifier leaks 'strs' 
Change-Id: Ibcc3f512016a4a095eacbd710c395aaf93c4b7f7
 2016-11-19 07:28:42 -05:00
Jeffrey Altman
6f917463ff hdb: read_master_key use free_master_key on error 
If an error occurs during read_masker_key() processing, use
free_master_key() to perform cleanup.

Change-Id: Idc0ad0131ea4855207232e9773772106cb4f5945
 2016-11-19 07:25:40 -05:00
Jeffrey Altman
2f62c7c77e roken: rk_undumpdata free allocation on error 
Do not return allocated memory and an error code.
Free it instead so as to avoid memory leaks.

Change-Id: I47d42be0f6bc52062c57c00c37b665ee2f2811ce
 2016-11-19 02:08:58 -05:00
Jeffrey Altman
0dc3d21724 hdb: read_master_key add parens around (*mkey) 
Add parens around the use of (*mkey)->next.

Change-Id: I3b60c2432d1c5dee8483795bed52ff24c7aa6a70
 2016-11-19 01:26:08 -05:00
Jeffrey Altman
9e72c475ae hdb: need prototypes for hdb_ldap[i]_create 
Commit 4b6bd40106 made hdb_ldap_create and
hdb_ldapi_create static in the OPENLDAP_MODULE case.  However, by
failing to leave a blank line between the static and the function
declaration the perl program that produces the hdb-protos.h file
skips the functions.

Add appropriate spacing.

Change-Id: I9ad24176fc31a0bce92b51f7adab141e8fa70fa3
 2016-11-19 01:23:08 -05:00
Jeffrey Altman
e772511b78 hdb: read_master_keytab free memory on failure 
read_master_keytab() should always return with *mkey == NULL on
failure.  Doing otherwise can result in memory leaks or use of
an uninitialized pointer.

Change-Id: Ice1fd504ca573d73bb51dd3b01770c3f8bc59fd4
 2016-11-19 00:16:59 -05:00
Nicolas Williams
52a562a3a4 Misc fixes (coverity) 2016-11-18 22:21:45 -06:00
Nicolas Williams
4b6bd40106 Quiet warning in --enable-hdb-openldap-module case 
Functions that are not exported in this case should be static in this
case.
 2016-11-18 22:21:45 -06:00
Jeffrey Altman
69fbbfdfcb krb5: fix verify_conf syslog facility check 
search for facility not severity

Change-Id: I79e9104d1fd27e8d11f7f9c6006676d947086ac5
 2016-11-18 21:24:26 -05:00
Jeffrey Altman
5cf454ca54 krb5: _krb5_expand_path_tokens missing va_end() 
when returning early due to memory allocation error must call va_end()

Change-Id: Icc42771c166453f67679334cea19ed9be692bd87
 2016-11-18 21:12:36 -05:00
Jeffrey Altman
97a40d8838 hdb: hdb_add_aliases frees uninitialized memory 
This bug was never shipped in a release.  It was introduced by commit
1c81ddf4e2.

Change-Id: Ia9f6d69b2858a75cc51e50034fe70e29f13b8fc1
 2016-11-18 20:58:39 -05:00
Jeffrey Altman
d07fe95b61 krb5: krb5_data_free() do not test before free() 
Change-Id: I739eb0b227eb7885bb83b6e68eaf39db81b1ceb5
 2016-11-18 20:43:19 -05:00
Nicolas Williams
7fa85e6d6d Round #3 of scan-build warnings cleanup 2016-11-16 23:27:27 -06:00
Nicolas Williams
1c81ddf4e2 Round #2 of scan-build warnings cleanup 2016-11-16 17:03:14 -06:00
Nicolas Williams
953dc07391 Round #1 of scan-build warnings cleanup 2016-11-15 21:27:20 -06:00
Nicolas Williams
995966f9d1 Fix hdb_create() HDB dbname parsing 2016-11-15 15:35:19 -06:00
Nicolas Williams
475c222472 Fix lib/hdb/test_hdbplugin 2016-11-15 13:54:45 -06:00
Nicolas Williams
09f0a25fda kdc --builtin-hdb should list loadable backends 
This fixes the following problems from #210:

 - hdb_ldap doesn't load even when installed correctly
 - loadable hdb backends not listed by kdc --builtin-hdb

Not fixed:

 - hdb_ldap.so not installed in plugin dir
 2016-11-15 11:34:54 -06:00
Viktor Dukhovni
c69a205b4c Properly integrate upstream vis/unvis 
Adding appropriate changes to configure.ac and config.h
 2016-11-15 02:17:58 -05:00
Viktor Dukhovni
f5b9ec280e Import (unmodified) updated upstream vis/unvis 
Will not compile, full integration in next commit.
 2016-11-15 02:17:03 -05:00
Jeffrey Altman
f561b55d38 krb5: windows tests require HEIMBASE 
When building the lib/krb5 tests link against HEIMBASE in order to
make use of heim_abort() and friends.

Change-Id: Ifaf54177bbb14cddf0f3544add370cda158783d1
 2016-11-15 00:33:55 -05:00
Jeffrey Altman
961f543a27 Set princ type to NT-SMTP-NAME when parsing 
In krb5_parse_name_flags(), if the principal name is not an enterprise
name, is one component in length and contains an '@', set the principal
type to NT-SMTP-NAME as specified by RFC 4120.
 2016-11-14 21:29:47 -06:00
Jeffrey Altman
6a1db3fb1c princ type NT-UNKNOWN + "host" == NT-SRV-HST 
Treat principals of type NT-UNKNOWN as NT-SRV-HST if the first component
of the principal name is "host".

Change-Id: I28fb619379daac827436040e701d4ab7b279852b
 2016-11-14 21:29:47 -06:00
Jeffrey Altman
5aef50c800 gss-krb5: do_delegate remove dead comment 
The check on principal type has been commented out since do_delegate()
was committed.  Remove it.

Change-Id: Id98f35471e346cb3d0e9666b7cdb6f564191e6c1
 2016-11-14 21:29:47 -06:00
Jeffrey Altman
09bdb3ab3e Set the right name type for anon princ (client) 
In fast_wrap_req() set the correct type in KDC_REQ client principal
name.

Also fix ENOMEM handling.
 2016-11-14 21:29:47 -06:00