oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,911 Commits 4 Branches 2 Tags
c450abd01ac6d1bd7b4f460806dc3d3ee8cd1815
Commit Graph

186 Commits

Author SHA1 Message Date
Santosh Kumar Pradhan e5144acab0 heimdal: Use krb5_free_default_realm() for free() 
The resource allocated by krb5_default_default_realm() should be
free()'d by krb5_free_default_realm() instead of plain free()
for better readability.

Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2015-06-17 17:41:26 -05:00
Nicolas Williams e7b5efb103 coverity 1164091 2015-04-18 23:19:26 -05:00
Nicolas Williams febe23a399 Improve and export krb5_principal_set_comp_string 2015-04-13 16:59:20 -05:00
Nicolas Williams b48bed5f42 Daemons detach atomically to avoid having to wait 
Tests that start daemons have to "wait" for them to start.

This commit makes Heimdal daemons prep to detach (when requested) by
forking early, then having the child signal readiness to the parent when
the child really is ready.  The parent exits only which the child is
ready.  This means that tests will no longer need to wait for daemons.

However, tests will still need a pidfile or such so they can stop the
daemons.

Note that the --detach options should not be used on OS X from launchd,
only from tests.
 2015-03-24 11:49:59 -05:00
Nicolas Williams a7587b08e2 Support hostname:port svc princs 2015-03-24 11:49:59 -05:00
Nicolas Williams 5fffc4061f Don't use canon rules in principal name comparison 2015-03-24 11:49:59 -05:00
Nicolas Williams 487b6820f6 Revamp name canonicalization code 2015-03-24 11:49:58 -05:00
Viktor Dukhovni cfdf6d5cbe gsskrb5: Make krb5 mech use referrals 
Modify the gss krb5 mech to always use referrals unless the
KRB5_NCRO_NO_REFERRALS flag is set.

Change-Id: I7efd873ac922a43adafa2c492703b576847a885f
 2015-03-14 16:08:32 -04:00
Viktor Dukhovni d4fda7e4f0 LLVM unused variable warning 2015-03-04 19:52:58 -05:00
Jeffrey Altman c07aaee128 krb5_get_name_canon_rules: fix profile location 
[realms] <realm> { name_canon_rules = <strings> }

not

[libdefaults] <realm> { name_canon_rules = <strings> }

Change-Id: I770c2250333d2649f983f015de94f30740c9771d
 2014-02-14 22:32:15 -05:00
Jeffrey Altman c1f822f7af rename struct krb5_name_canon_* name collisions 
C++ does not permit struct names and typedef names to be the same.
Rename

  struct krb5_name_canon_rule to struct krb5_name_canon_rule_data

and

  struct krb5_name_canon_iterator to struct krb5_name_canon_iterator_data

Change-Id: I92766e0878bf0beef92de1649baf9e5cafbf86aa
 2013-10-06 16:42:05 -04:00
Viktor Dukhovni 2433496ea6 Simplify user_realm support by removing krb5_parse_name_flags_realm() 
and setting the realm as necessary in the caller.
 2013-05-16 23:15:00 -04:00
Viktor Dukhovni 4ce879c938 Fix: double free 2013-05-16 00:34:24 -04:00
Viktor Dukhovni 4fcad71a3a Two new flags for krb5_parse_name_flags_realm(): 
- KRB5_PRINCIPAL_PARSE_IGNORE_REALM: MIT compatible

    - KRB5_PRINCIPAL_PARSE_NO_DEF_REALM: Don't default the realm

The first ignores the realm if present.

The second does not impute the default realm if no realm is given and
leaves the realm NULL.  This will be used in kinit to determine whether
the user provided a realm or not, and if not we may use the user_realm,
or find the realm via the keytab.
 2013-05-16 00:32:08 -04:00
Viktor Dukhovni a2127d091d New krb5_parse_name_flags_realm supports explicit default realm. 
Set the realm argument to NULL to get the usual default realm.

The krb5_parse_name_flags() function is now a wrapper around
krb5_parse_name_flags_realm().
 2013-05-16 00:32:08 -04:00
Viktor Dukhovni 01fff2ca9c Allow krb5_principal_set_realm to set the realm to NULL. 2013-05-16 00:32:06 -04:00
Love Hornquist Astrand 55e5bfdfe0 add krb5_principal_is_root_krbtgt 2013-05-07 13:10:02 -07:00
Viktor Dukhovni bf40b8cc63 Comment wordsmithing 2013-05-02 01:31:01 -04:00
Love Hornquist Astrand dfaedb7847 plug a memory leak, don't use strcpy/strcat 2013-05-01 13:55:21 -07:00
Viktor Dukhovni 9ca0a2b62f More consistent error checks in build_principal() 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:26:23 -07:00
Viktor Dukhovni 5903031630 Don't SEGV on as-is rules without realm= 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2013-04-24 16:23:36 -07:00
Love Hornquist Astrand 58ff480763 rewrite send to kdc to be more agressive, try kdcs in paralell and easier to configure behavior 2013-02-10 19:02:52 -08:00
Love Hornquist Astrand c979a356f7 uninited memory free 2012-11-27 21:58:05 -08:00
Love Hornquist Astrand b0ed05395a tell coverity that principal returns an allocated pointer 2012-11-27 21:58:05 -08:00
Love Hornquist Astrand c12dc3fa9d tell coverity that ret_princ returns an allocated pointer 2012-11-27 21:58:05 -08:00
Love Hörnquist Åstrand 9c830f5237 indent 2011-10-31 22:10:09 -07:00
Love Hörnquist Åstrand 877df213eb make sure we don't use stack content, don't count on that unsigned value can be negative 2011-10-31 22:05:42 -07:00
Nicolas Williams c353962428 Oops, mismerge in principal.c 2011-10-31 00:29:36 -05:00
Nicolas Williams 7da9d7d75f Fix memory leak in name canon rule iterator 2011-10-31 00:15:07 -05:00
Nicolas Williams 1192120b86 Fix 64-bit warnings in name canon rules code 2011-10-29 16:48:56 -05:00
Love Hörnquist Åstrand a57988153e indent 2011-10-28 20:08:08 -07:00
Nicolas Williams 3a393427e9 krb5_principal_compare() can't return errors... 2011-10-27 22:57:02 -05:00
Nicolas Williams c433fefb23 Fix contributewd by Roland Dowdeswell for 64-bit bug in name canon patches 2011-10-27 17:34:57 -05:00
Nicolas Williams 5c54736678 Removed "weak" option and implemented use-referrals/no-referrals 2011-10-22 14:54:26 -05:00
Nicolas Williams f4471b11d6 Call krb5_set_error_message() and don't clobber ret in debug code 2011-10-22 14:54:25 -05:00
Nicolas Williams 248e1eb772 Cleanups: s/\<assert\>/heim_assert/ 2011-10-22 14:54:25 -05:00
Nicolas Williams 9f5a43084c Cleanups: s/ENOMEM/krb5_enomem(context)/ 2011-10-22 14:54:25 -05:00
Nicolas Williams 2f03603d6b Cleanups: s/krb5int_/_krb5_/ and moved priv stuff from krb5.h 2011-10-22 14:54:25 -05:00
Nicolas Williams 001fc24102 Removed vestiges of no-reverse-lookup/reverse-lookup option that was never implemented 2011-10-22 14:54:24 -05:00
Nicolas Williams a5e77c578e Deferred hostname canon using name canon rules 2011-10-22 14:54:13 -05:00
Love Hornquist Astrand 0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Asanka C. Herath 0f853405fe Add missing export and calling convention annotations 2010-11-24 15:32:49 -05:00
Love Hornquist Astrand fae3d127a2 remove krb4 support 2010-11-20 14:38:21 -08:00
Love Hornquist Astrand 71150bb1bc add krb5_principal_is_krbtgt 2010-03-07 01:00:48 -08:00
Love Hornquist Astrand 687db64c56 Patch from Secure Endpoints/Asanka Herath for windows support 2009-12-21 08:45:28 +01:00
Love Hornquist Astrand d7e7640d46 fix argumentin doxygen 2009-10-05 20:29:37 -07:00
Love Hornquist Astrand 0d10dfb529 doxygen 2009-10-04 11:33:45 -07:00
Love Hornquist Astrand 80816d275e more doxygen 2009-08-29 12:13:41 -07:00
Stefan Metzmacher 5b8a319a7e lib/krb5: fix the build without KRB4 
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2009-08-04 20:19:44 +02:00