oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,833 Commits 2 Branches 2 Tags
fa4c4430f61fa49f7a0987bcb9598ff9ebc5d333
Commit Graph

18253 Commits

Author SHA1 Message Date
Taylor R Campbell
fa4c4430f6 krb5.conf(5): New block_dns option. 
Documented and verified, not yet implemented.
 2024-01-08 10:22:02 -06:00
Nicolas Williams
42e23b1777 roken: Export rk_getpwnam_r() (fix #1097) 
Bug and fix reported by https://github.com/esaaprillia.
 2024-01-05 11:39:19 -06:00
Taylor R Campbell
3171398867 krb5: Fix use-after-free when debug is enabled with http_proxy. 
Instead of freeing host->ai on return from submit_request in the
http_proxy path, stash the proxy's ai in another member host->freeai
which will be freed when host is freed.

Assumption: All hosts created in submit_request cease to be used
before any of them are freed, so it's safe to pick one host to hang
the proxy's ai on and free the ai when that host is freed.

fix https://github.com/heimdal/heimdal/issues/1205
 2024-01-04 14:00:18 -06:00
Nicolas Williams
3253c49544 hx509: Add support for CSRs w/ BasicConstraints (fix) 2023-11-29 13:16:16 -06:00
Joseph Sutton
1baceedb87 krb5: Clarify documentation for ‘pkinit_revoke’ parameter 
If multiple valid CRLs are specified for a particular issuer, only the
first will be checked. The documentation didn’t really hint at this.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:39:18 -05:00
Joseph Sutton
13dbc0a667 krb5: Fix typos in documentation 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:39:18 -05:00
Daria Phoebe Brashear
3c62b6f5d7 kadm5: allow setting password_lifetime to 0 to clear 
when [kadmin] password_lifetime is set to 0, it should clear the time
rather than making the freshly-changed password expire immediately
 2023-11-28 21:38:17 -05:00
Joseph Sutton
12ed86de90 wind: Fix incorrect coding lines 
Commit e172367898 converted all these
files to UTF-8, but didn’t change the coding lines.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
ff079377f2 wind: Do not use invalid escape sequences 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
a9f21ebdac roken: Const-qualify sys_errlist 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
744678eb03 krb5: Use NULL pointer constant 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
e8b42d9d42 hx509: Fix incorrect documentation comment 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
bbe9c83b19 hx509: Remove unused variable 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
59f89e4b15 hx509: Avoid misleading error message 
If ‘keyid’ is an empty string, then the numeric error code that gets
appended to this error message may be mistaken for the key ID. Address
this by not mentioning any ID in such cases.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
df6c33ff1e hx509: Use NULL pointer constant 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
e9bc20f5da hcrypto: Fix errors produced by compiling with FORTIFY_SOURCE=2 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
1f88e8c919 wind: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
a4b4e982f3 krb5: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
7369cbd11c krb5: Fix spelling of error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
05602c2286 hx509: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
ef083a0e2c hx509: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
61bf5009a0 hx509: Fix spelling of error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
d9d3dd448d hdb: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
7cb320b46a hdb: Fix error messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
551f0c32fa base: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
a3878d3e9d wind: Deny invalid UTF-8 encodings 
Codepoints above U+10FFFF and overlong encodings are considered invalid.
Unpaired surrogates are not, as these are known to be generated on
occasion — by Windows, for example.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
bf25b38c0a wind: Support UTF-8–encoding non-BMP codepoints 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
ba63461cd4 wind: Support UTF-16–encoding non-BMP codepoints 
View with ‘git show -b’.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
821fac3648 wind: Use portable integer types 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
db70a76074 wind: Do not perform arithmetic on a NULL pointer 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Joseph Sutton
ed798da1f2 wind: Fix documentation comment 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-08 14:58:21 -06:00
Nicolas Williams
2ad736a579 hx509: Fix EACCES / ENOMEM confusion 2023-11-08 14:22:02 -06:00
Nicolas Williams
be0d1e68e5 hx509: Add support for CSRs w/ BasicConstraints 2023-11-08 14:22:02 -06:00
Joseph Sutton
487ba95669 wind: Don’t use invalid escape sequences 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
a18436d709 roken: Remove excess zeros in literals 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
30e3921ad1 krb5: Fix error condition 
‘ret’ can only ever be equal to zero.

Found by Coverity (Samba CID 1518754).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
b1f7a63e41 krb5: Fix error code mapping 
Found by Coverity (Samba CID 1518726).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
b0f196880c krb5: Check result of calling decode_Ticket() 
Found by Coverity (Samba CID 241005).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
0334d9e55a krb5: Check function return values 
Found by Coverity (Samba CID 240644).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
e53d594d05 krb5: Check return value of RAND_bytes() 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
62e63b2da6 krb5: Fix unused variable 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
a840986dc0 hx509: Check return value of RAND_bytes() 
Found by Coverity (Samba CID 1544600).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
d1b9d2c2f9 hx509: Add missing format specifier 
Found by Coverity (Samba CID 1544604).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
7ee2ddd71a hx509: Use correct format specifier 
Found by Coverity (Samba CID 1544606).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
13f96a2c89 hx509: Don’t pass excess arguments to variadic functions 
Found by Coverity (Samba CID 1544609).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
d71035e2d1 hdb: Initialize ‘tm’ structure 
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
806bf5f571 hdb: Initialize ‘tm’ structure 
‘tm’ must be initialized prior to calling strptime().

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
f7bcd8665c hdb: Remove redundant assignment 
Found by Coverity (Samba CID 1544603).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
c3e3d02b01 hcrypto: Don’t cast away const 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Nicolas Williams
c922303dd0 asn1: Do not emit the same ASN.1 C comments repeatedly 2023-09-21 23:08:34 -04:00