Commit Graph

1044 Commits

Author SHA1 Message Date
Roland C. Dowdeswell
cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues.
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
2012-02-20 19:45:41 +00:00
Andrew Bartlett
5ce504c1fb use ETYPE_DES3_CBC_SHA1 for the verify step in verify_mic_des3
This allows a strict link between checksum types and key types to be
enforced.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-10 22:54:16 +01:00
Nicolas Williams
40a7d4b62f More fixes for -Werror (GCC 4.6 catches more stuff) 2011-11-02 23:20:55 -05:00
Luke Howard
07777511d1 implement gss_localname 2011-10-08 12:15:09 +11:00
Love Hörnquist Åstrand
f1c1e1bc6e remove used variables 2011-07-24 20:05:05 -07:00
Love Hörnquist Åstrand
8060a561db switch to KRB5_ENCTYPE 2011-07-24 16:02:22 -07:00
Love Hörnquist Åstrand
f60ec15834 partly unify enctype/keytype since there is only enctypes 2011-07-24 14:03:08 -07:00
ghudson@MIT.EDU
3c725a465e Initialize zero before using it in unwrap_des().
Heimdal since fc702a97f5 (August 2009)
can't process DES wrap tokens unless the stack garbage in the zero
array happens to be all zeros.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
2011-06-13 21:18:07 -07:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
4c063f2955 quite const warning 2011-05-18 22:00:20 -07:00
Jeffrey Altman
aaa4400942 Apply missing function modifiers
GSSAPI_CALLCONV, GSSAPI_LIB_FUNC, GSSAPI_LIB_CALL as appropriate

Change-Id: I5198cfc7dd665bdc064aa0e613dac7db7465e2b9
2011-05-17 14:02:49 -04:00
Jeffrey Altman
87aad6a13a Add NO_LOCALNAME
The pname to uid functionality at present assumes there is
an implementation of getpwnam() and that the local user
identifier is an integer.  On Windows, the local user identifier
is a SId.  Add NO_LOCALNAME as a build option so that Windows
(for now) can build without providing a getpwnam() implementation.

Change-Id: I04cfd6d2cd52e6228733f1da1dab420b453e6566
2011-05-17 13:56:37 -04:00
Jeffrey Altman
217ada7a06 use const consistently for acquire_cred
Change-Id: I000d954267efa16439e19b0604c660f3c5be791c
2011-05-17 13:51:12 -04:00
Jeffrey Altman
771f29a451 remove extra initializers to krb5_mech
Change-Id: Iee4d7dfd668a6e6da251b93dfd6ca3a7f7bcb062
2011-05-17 13:44:04 -04:00
Jeffrey Altman
6c1ad560ea no C99 named struct initializers on Windows
commit f5f9014c90 added the
first use of C99 named struct initializers which are not
supported on Windows.  Remove their use in external.c and
in ks_dir.c.

Change-Id: Ibb6b2d5b3dbd4041cb638d2c7a9bd6f916fd45d7
2011-05-17 12:02:16 -04:00
Jeffrey Altman
6850d6a65f avoid uninit variable and unreachable code warnings
most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.

Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8
2011-05-17 12:02:16 -04:00
Luke Howard
6d9be164b7 add GSS_C_INQ_SSPI_SESSION_KEY for Kerberos 2011-05-16 16:50:01 +02:00
Luke Howard
33d1877c21 use gss_const_OID for gss_acquire_cred_ext 2011-05-14 17:16:49 +02:00
Luke Howard
dfba868910 Merge branch 'master' into lukeh/acquire-cred-ex-moonshot-integ
Conflicts:
	lib/gssapi/Makefile.am
	lib/gssapi/mech/gss_acquire_cred_with_password.c
	lib/gssapi/test_context.c
	lib/gssapi/version-script.map
2011-05-14 16:48:49 +02:00
Luke Howard
3069d80734 Merge branch 'master' into lukeh/acquire-cred-ex 2011-05-14 14:56:16 +02:00
Luke Howard
272a30405f remove trailing whitespace 2011-05-14 14:51:41 +02:00
Luke Howard
eec71dac7c Revert "disable _gsskrb5_pname_to_uid, there's no aname_to_localname"
This reverts commit ad69ac97b1.
2011-05-14 14:51:10 +02:00
Luke Howard
9f2cd17add Revert "remove krb5 authorize_localname impl, there's no krb5_kuserok"
This reverts commit 4b92552c1e.
2011-05-14 14:51:08 +02:00
Luke Howard
ad69ac97b1 disable _gsskrb5_pname_to_uid, there's no aname_to_localname 2011-05-13 00:47:37 +02:00
Luke Howard
4b92552c1e remove krb5 authorize_localname impl, there's no krb5_kuserok 2011-05-13 00:46:14 +02:00
Luke Howard
8687bab419 correct switched order of pname_to_uid/authorize_localname 2011-05-13 00:41:18 +02:00
Luke Howard
f1aa972bb8 fix trailing comma 2011-05-12 13:04:59 +02:00
Luke Howard
e128b0ca01 Merge branch 'master' into lukeh/moonshot
Conflicts:
	lib/gssapi/krb5/external.c
	lib/libedit/src/vi.c
2011-05-12 13:04:55 +02:00
Love Hornquist Astrand
59f4918ef0 set the CFXSentByAcceptor flag, patch from Jaideep Padhye 2011-04-29 20:34:42 -07:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
2011-04-29 20:25:05 -07:00
Luke Howard
02cf28e20b implement gss_acquire_cred_ex with password support
add missing SPIs to gss_mech_switch

s/acquire_cred_ex/acquire_cred_ext/g
2011-04-16 11:06:24 +02:00
Love Hornquist Astrand
523d84b417 return error from lower layer 2011-04-14 12:54:16 -07:00
Love Hornquist Astrand
6f5b93fc8b return error from lower layer 2011-04-14 12:54:16 -07:00
Love Hornquist Astrand
ec88b5d043 move _gss_DES3_get_mic_compat to after ->target is set
Patch from Roland Dowdeswell
2011-04-14 12:54:15 -07:00
Luke Howard
0d7bc0c549 remove user_ok from gss_authorize_localname 2011-04-09 13:41:51 +10:00
Luke Howard
bac9c34172 authorize_localname SPI now includes nametype 2011-04-09 11:34:19 +10:00
Luke Howard
6c6e483e00 gss_authorize_localname implementation 2011-04-08 10:58:57 +10:00
Luke Howard
6ec5011d48 Merge branch 'master' into lukeh/moonshot 2011-04-08 09:05:36 +10:00
Love Hornquist Astrand
3d36172090 allow keytab specifiction to gsskrb5_register_acceptor_identity 2011-04-07 07:15:28 -07:00
Luke Howard
ca48b27fe7 add _gsskrb5_pname_to_uid implementation 2011-03-20 23:31:32 +11:00
Luke Howard
0dff021161 add krb5 glue for userok 2011-03-20 20:57:24 +11:00
Derrick Brashear
c5d0acb859 Correct "not newer" etypes per RFC 4121
Section 1 of RFC 4121 describes behavior which
    applies when using "newer" etypes, then goes on in
    table form to list etypes which are not newer.
    While it specifies it is ok to use new token formats
    when both initiator and acceptor are known to handle them,
    this code makes no such verification, and encoded an
    incorrect set of etypes as "not newer". Correct the list.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-02-24 19:22:25 -08:00
Love Hornquist Astrand
7e1ba19fda setup cfx context, found by Jaideep Padhye 2011-02-02 21:37:26 -08:00
Andrew Tridgell
9e1d467534 s4-heimdal: implement KERB_AP_ERR_TYPE_SKEW_RECOVERY
this e_data field in a kerberos error packet tells windows to do clock
skew recovery.

See [MS-KILE] 2.2.1 KERB-ERROR-DATA

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-01-30 11:26:31 -08:00
Luke Howard
21c5987018 Rename GSS_IOV_BUFFER_TYPE_FLAG to GSS_IOV_BUFFER_FLAG
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2011-01-03 13:22:57 +01:00
Love Hornquist Astrand
2038d6f56e don't whine when principal is not found in cache, also, use krb5_cc function to make it not hit the network 2010-11-29 09:31:07 -08:00
Love Hornquist Astrand
5dcf0753f4 fill in all mo that make sense for now 2010-11-25 23:52:43 -08:00
Love Hornquist Astrand
6ca842c5b7 gss_indicate_mechs_by_attrs 2010-11-25 21:40:25 -08:00
Love Hornquist Astrand
c1069f8a36 add _gss_oid_name_table 2010-11-25 20:20:03 -08:00
Love Hornquist Astrand
bdc9112651 add missing symbols 2010-11-25 18:36:55 -08:00