summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* It is still not the 80s anymore -- remove all caddr_tsGravatar Karl Ramm2011-02-02
|
* make -DZ_DEBUG workGravatar Karl Ramm2011-02-02
|
* Explicitly define ZNotice_Kind constants + actually define the promised stringsGravatar Karl Ramm2011-02-02
| | | | | | | | | Since these are constants used in the protocol be explicit about what values the C compiler is assigning them, and that they can't be arbitrarily rearranged. Also, since we were promising strings for describing them in zephyr.h actually define the array.
* ZOpenPort stashes the port number, no need to getsockname againGravatar Karl Ramm2011-02-02
|
* use system MINGravatar Karl Ramm2011-02-02
|
* syslogging for evety tcp-ized packet slows things down too muchGravatar Karl Ramm2010-12-19
|
* Fix typoGravatar Karl Ramm2010-12-19
|
* Drop stale code for long-lost debugging malloc.Gravatar Karl Ramm2010-12-19
|
* remove a stupid cpp trickGravatar Karl Ramm2010-12-19
|
* In the expired tickets case, authent->length is probably gibberish;Gravatar Karl Ramm2010-12-11
| | | | notice->z_authent_authent_len will be zero.
* Apparently, on Linux at least, if you have an open UDP listening socketGravatar Karl Ramm2010-12-04
| | | | | | with SO_REUSADDR set on a given port, other people can also open listening sockets with SO_REUSEADDR set, so turn SO_REUSADDR back off after we've bound our port.
* Document the -n and -N flags to zhm.Gravatar Karl Ramm2010-12-04
|
* No more K&R!Gravatar Karl Ramm2010-12-04
|
* (Dumb preprocessor tricks)--Gravatar Karl Ramm2010-12-04
|
* No output, ever! We have com_err for a reasonGravatar Karl Ramm2010-12-04
|
* check the return code from krb5_get_default_realm _before_ dereferencingGravatar Karl Ramm2010-11-08
| | | | the pointer
* preserve tags (and use dh_prep instead of dh_clean as build-prep)Gravatar Karl Ramm2010-11-08
|
* This will be 3.0.1Gravatar Karl Ramm2010-11-06
|
* Restate error table dependencies such that make -j doesn't trip over itselfGravatar Karl Ramm2010-11-06
| | | | (thanks to wthrowe@mit.edu)
* Have the makefiles support explicit target directories properly, courtesy ↵Gravatar Karl Ramm2010-11-06
| | | | wthrowe@mit.edu
* Actually take a --with-ares flag, thanks to wthrowe@mit.edu.Gravatar Karl Ramm2010-11-06
| | | | | | Call it cares consistently, though. (regenerate configure, pulling in a new config.{guess,sub})
* utmp.h doesn't appear to be used for anything in Zinternal.cGravatar Karl Ramm2010-11-06
| | | | and it breaks the build when there isn't a utmp.h
* don't just ignore all .filesGravatar Karl Ramm2010-11-06
| | | | ignore TAGS
* clean up realm_sendit_authGravatar Karl Ramm2010-11-06
|
* Clean up xmitGravatar Karl Ramm2010-08-24
|
* A argument for not doing a "quick change" at 3am. (braino, fixes previous)Gravatar Karl Ramm2010-08-24
|
* Don't leak memory when refragmenting sketchy packets.Gravatar Karl Ramm2010-08-24
|
* stop using MAXHOSTNAMELEN in a variety of places. Also ↵Gravatar Karl Ramm2010-08-24
| | | | nuke-trailing-whitespace.
* Don't use MAXPATHLEN anymore.Gravatar Karl Ramm2010-08-24
| | | | | | | Some systems don't have it, having shaken off the shackles of fixed lengths. Unfortunately rewriting these things "right" in a fashion portable to unembraced-and-extended C libraries is aggravating. So do it wrong until we decide to bite the bullet and demand glib.
* Typo.Gravatar Karl Ramm2010-08-22
|
* cleanup a couple of decades old zwrite nitsGravatar Karl Ramm2010-08-22
| | | | | Don't free the incoming notice if we don't know for sure there's one. Drop the message on read error in the tty case.
* further increase rabidity of .gitignoreGravatar Karl Ramm2010-08-22
|
* increase rabidity of .gitignoreGravatar Karl Ramm2010-08-22
|
* rewrite ZMakeZcodeRealmAuthentication to be less ugly and shorterGravatar Karl Ramm2010-08-22
| | | | | | | | | | | I am becoming increasingly enamored with the fall-through on error clean-up-everything-at-the-end style of C error handling and resource management. Also remove some misleading/useless/wrong comments. (also fix a problem in the tickets expired case where it was using the wrong (possibly undefined) authenticator lengh)
* tweak find_or_replace_uid storage algorithmGravatar Karl Ramm2010-08-22
| | | | | | | | | | | | | | | | | | | | | Per Nelson Elhage: find_or_insert_uid sorts 'buffer' by the uid, which is a remotely-provided field. However, in order to expire uids, it does: while (num && (now - buffer[start % size].t) > CLOCK_SKEW) start++, num--; start %= size; i.e. starts from the start of the queue and goes until it finds something sufficiently new. Since the queue ordering is attacker-controlled, we can send an arbitrarily-long sequence of decreasing uids, consuming memory and forcing the client into an ever-growing quadratic loop to insert them at the beginning. -- Solve this by not keeping the buffer sorted; just tack the incoming uids on the end. This way an attacker can make us keep five minutes worth of UIDs, but only five minutes, and also anecdotally a client under attack spends all of its CPU sort uids.
* fixes for krb5 being more careful about ticket expirationGravatar Karl Ramm2010-08-22
| | | | | | | | | | | | krb5 actually checks in mk_req and fails if the ticks are expired, rather than giving you an authenticator that would fail and, handing you the session key that you'd already negotiated. This causes (meh) sending auth to fail as opposed to just ending up unauthentic and (poor) verifiable messages to look unauthentic or forged. So get the session key from the ccache without checking the expiration time, and have the cert routine skip making an authenticator if krb5_mk_req_extended says the ticket is expired.
* Note for posterity that this is an external-facing functionGravatar Karl Ramm2010-08-22
|
* variables are unused in the HAVE_ARES case, make gcc shut upGravatar Karl Ramm2010-08-22
|
* Make sure broken packets get timed out from the queue.Gravatar Karl Ramm2010-08-22
| | | | | | | (The time used to be set before the bounds check, so one could potentially get an accumulation of packets in the queue without timestamps that could never be assembled into a full notice; thanks to nelhage@mit.edu for noticing.)
* properly set the hostmanager address back if sending an ACK failsGravatar Karl Ramm2010-08-22
| | | | (thanks to nelhage@mit.edu for noticing this)
* multinotice values should just never be negativeGravatar Karl Ramm2010-08-22
|
* fix an allocation-size braino and rearrange for readabilityGravatar Karl Ramm2010-08-22
|
* Fix a leak if ZNewFormatSmallRawNotice fails. (thanks to nelhage@mit.edu for ↵Gravatar Karl Ramm2010-08-22
| | | | noticing)
* Don't crash if the header mysteriously gets too big. (Thanks to ↵Gravatar Karl Ramm2010-08-22
| | | | nelhage@mit.edu for noticing)
* Fix some formatting, and add some paranoia about oversized headers.Gravatar Karl Ramm2010-08-22
| | | | (Thanks to nelhage@mit.edu for noticing the formatting problem)
* fix subscriptions-too-wide-breaks-braindump problemGravatar Karl Ramm2010-07-28
| | | | | | | | only send one sub per packet in braindump refactor bdump_send_list_tcp and send_normal_tcp brain dump can now cleanly receive overlarge encrypted packets refactor subscr_send_subs and subscr_send_realm_subs nuke trailing whitespace
* Fix getting data out of gethostbyname; should fix #69Gravatar Karl Ramm2010-07-28
|
* we are preparing 3.0.1Gravatar Karl Ramm2010-07-28
|
* autoconf test for etext, cleanup #ifdefs for ancient stuff we don't build onGravatar Karl Ramm2010-03-17
|
* It is the twenty-first century, we don't need #ifdef ladders anymore.Gravatar Karl Ramm2010-03-17
|
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 10:18:04 +0000