As we move more and more state into astgs_request_t we need to be
careful not to leave locals and function arguments aliasing objects from
the astgs_request_t.
We weren't checking for errors, and we weren't using the convience
SEQUENCE OF add_METHOD_DATA() and add_ETYPE_INFO() functions generated
by the ASN.1 compiler. Using those utilities made get_pa_etype_info()
and make_etype_info_entry() sufficiently simpler that merging the two
makes for simpler, more readable code.
Build the entry to write to the log file in memory, the write it with
O_APPEND. This should make writes to the request log file safer in
multi-process KDC configurations.
Also, check results of krb5_store_*() functions (coverity alerted to
this).
We will use the kdc_ rather than krb5_kdc_ prefix for new public APIs exported
from libkdc. Amend the recently introduced
request_{get,set,copy,delete}_attribute APIs to conform.
Let the KRB5_SENDTO_DONE and KRB5_SENDTO_FAILED action states be
handled by the provided switch blocks. This ensures that the
'ret' value is set appropriately before exiting the loop.
Change-Id: I56f4cea83efd86203a9a7a36cf48c80f632cf779
If use_strongest_session_key and no keys are found the return
code will be set to KRB5KDC_ERR_ETYPE_NOSUPP. However, before
exiting if the principal is a weak exception then the return
code will be set to success and a NULL key pointer will be
dereferenced. Skip the weak exception check if the return
code is non-zero.
Change-Id: I36d0e1b179b3392171ad6767c75111d59c3f2f7d
warning: 'mp_read_unsigned_bin' is deprecated
(declared at ./libtommath/tommath.h:732): replaced by mp_from_ubin
[-Wdeprecated-declarations]
warning: 'mp_unsigned_bin_size' is deprecated
(declared at ./libtommath/tommath.h:731): replaced by mp_ubin_size
[-Wdeprecated-declarations]
warning: 'mp_to_unsigned_bin' is deprecated
(declared at ./libtommath/tommath.h:733): replaced by mp_to_ubin
[-Wdeprecated-declarations]
warning: 'mp_unsigned_bin_size' is deprecated
(declared at ./libtommath/tommath.h:731): replaced by mp_ubin_size
[-Wdeprecated-declarations]
warning: ignoring return value of 'mp_init_multi',
declared with attribute warn_unused_result [-Wunused-result]
warning: ignoring return value of 'mp_to_unsigned_bin',
declared with attribute warn_unused_result [-Wunused-result]
warning: ignoring return value of 'mp_read_unsigned_bin',
declared with attribute warn_unused_result [-Wunused-result]
Change-Id: I510fd7a57c9cd52b59086a85d13aa6204ebb9fd9
