Instead of allocating a separate mutex object on the heap,
include the HEIMDAL_MUTEX in the krb5_context structure.
Change-Id: If6db484177410487176985e43e3b43e0f2166518
Instead of hard coding 10 hours as the default ticket lifetime within
lib/krb5/init_cred_pw.c init_cred(), add a preprocessor macro,
KRB5_TKT_LIFETIME_DEFAULT, that can be overridden at build time.
The value of KRB5_TKT_LIFETIME_DEFAULT is 10 hours if not previously
defined.
Change-Id: I63e729fedee8e8c6f542e4a4665de5f40db34c03
Windows treats '\\' and '/' equivalently but we cannot control
the form that will be used by end users. Introduce ISPATHSEP()
macro which tests only for '/' on UNIX and both on Windows.
Introduce ISTILDE() macro to test for '~'. When testing for
'/' with strchr() or strrchr() add conditional checks for '\\' on
Windows.
Change-Id: Ia85e698fc88f15a6a71db649db5417f02ef7e5fe
Currently the Heimdal code calls connect(2) on TCP connexions to
the KDC without setting O_NONBLOCK. This code implements a
timed_connect() function which will in the case of SOCK_STREAM
sockets put the socket into non-blocking mode prior to calling
connect and use select(2) to apply the configured timeout to connect
completion. This does not entirely solve the problem of potential
timeouts in the code as it is still possible to block while writing
to the socket. A proper implementation would also likely start
new connexions after a short interval before timing out existing
connexions and return the results from the first KDC which successfully
responds but we did not do that yet.
This patch is from heimdal-1-5-branch patches:
5b55e4429caed27b32aac4bc5930f2672a43f273
6b66321b271ee4672e70ad349ec796dd755cf897
2e12c7f3e8dca7e1696ebd92199617ce413565e7
Squashed together along with a quick shadowed variable warning fix
to allow it to compile with --enable-developer.
A colon can't be used to separate paths on Windows since they are used
in drive sepecification. Define a macro that can be used as a path
separator string. On Windows, this is defined as ";". It is a ":"
everywhere else.
lib/krb5/crypto.c was a large, monolithic block of code which made
it very difficult to selectively enable and disable particular
alogrithms.
Reorganise crypto.c into individual files for each encryption and
salt time, and place the structures which tie everything together
into their own file (crypto-algs.c)
Add a non-installed library (librfc3961) and test program
(test_rfc3961) which builds a minimal rfc3961 crypto library, and
checks that it is usable.
Don't make a copy of the krb5_cc_ops into krb5_context and hand that
out to callers of the api, this way its possible to free a krb5_context
w/o invalidating all krb5_ccaches that was allocated using that krb5_context
(also, it saves memory)
