| Commit message (Collapse) | Author | Age |
|
|
|
|
| |
Move global variables and one function out of main.c so that the rest of
the server can be linked with a test harness.
|
|
|
|
| |
This fixes #94
|
|
|
|
|
|
|
|
|
|
| |
When a braindump fails, leave the other server's status at SERV_STARTING
instead of downgrading to SERV_DEAD, and schedule the next hello to that
server at the regular timeout instead of immediately. Otherwise, failed
bdumps are retried repeatedly with no delay, keeping the server busy, the
logs full, and the network congested.
This fixes #89
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Eliminate compiler warnings due to various issues (listed below). This
allows Zephyr to build cleanly under GCC versions ranging from 4.1.0 to
4.7.2 with all of the options shown below:
-g -O2 -Wall -Werror
-Wno-deprecated-declarations
-Wmissing-declarations
-Wpointer-arith
-Wstrict-prototypes
-Wshadow
-Wextra
-Wno-missing-field-initializers
-Wno-unused-parameter
and, on recent versions, -Wunreachable-code
Test builds were done
- On Ubuntu 12.10 (Quantal Quetzal) using both MIT Kerberos 1.10.1 and
Heimdal 1.6, without krb4 and both with and without C-Ares and Hesiod
- On Fedora 14 using Heimdal 0.6, without C-Ares or Hesiod and both
with and without krb4 (KTH Kerberos 1.3rc2)
- On Fedora Core 3, Fedora Core 5, Fedora 7, and Fedora 10, using
Heimdal 0.6 and without C-Ares, Hesiod, or krb4
It also allows clean builds on Solaris 10 under the Sun Studio 12 (9/07)
C compiler with the following options:
-g -fd -v -errfmt -errhdr=%user -errtags=yes -errwarn=%all
-erroff=E_OLD_STYLE_FUNC_DECL,E_ENUM_TYPE_MISMATCH_ARG,E_ARG_INCOMPATIBLE_WITH_ARG
... and under Solaris 9 with the Sun Forte 7 (3/02) C compiler with the above
options and -erroff=E_FUNC_HAS_NO_RETURN_STMT. Solaris builds were done
with Heimdal 0.6 and without C-Ares, Hesiod, or krb4.
The following types of issues are addressed in this change:
- Parameters and local variables with the same names as library functions
- Parameters and local variables with the same names as globals
- Declarations for exported global variables missing from headers
- Prototypes for exported functions missing from headers
- Missing 'static' on functions that shouldn't be exported
- Old-style function declarations
- Duplicate declarations
- Type mismatches
- Unused variables and functions
- Uninitialized variables
- Forward references to enums
- Necessary header files not included
- Violations of the aliasing rules, where GCC was able to detect them
- Missing braces on if blocks that might be empty
- Attempts to do pointer arithmetic on pointers of type void *, which
is not permitted in standard C.
- An attempt to pass a function pointer via a void * parameter, which is
not permitted in standard C. Instead, we now pass a pointer to a
structure, which then contains the required function pointer.
- Unnecessary inclusion of <krb5_err.h>, which is already included by
<krb5.h> when the former exists, and might not be protected against
double inclusion, depending on which com_err was used.
- Missing include of <com_err.h>, which was masked by the fact that it is
included by headers generated by e2fsprogs compile_et
- Use of com_err() with a non-constant value in place of the format string,
which in every case was a fixed-size buffer in which a message was built
using sprintf(!). Both the calls to sprintf and the fixed-size buffers
have been removed, in favor of just letting com_err() do the formatting.
- Various cases where X library functions expecting a parameter of type
wchar_t * were instead passed a parameter of type XChar2b *. The two
types look similar, but are not the same and are _not_ interchangeable.
- An overly-simplistic configure test which failed to detect existence of
<term.h> on Solaris, due to not including <curses.h>.
- Using the wrong type for the flags output of krb5_auth_con_getflags()
when building against Heimdal. A configure test is added to detect
the correct type.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
only send one sub per packet in braindump
refactor bdump_send_list_tcp and send_normal_tcp
brain dump can now cleanly receive overlarge encrypted packets
refactor subscr_send_subs and subscr_send_realm_subs
nuke trailing whitespace
|
|
|
|
|
| |
(which coincidentally keeps us from reporting the wrong function with an
error code)
|
|
|
|
| |
Also clean up some indentation and add error logging.
|
| |
|
|
|
|
| |
don't use din anyway
|
| |
|
|
|
|
| |
figure out where it is
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
was being sent in an extra header field. This worked about as well as you
might expect. Fortunately we happened to be putting an address in header
field 18 anyway, so backwards compatibility should be relatively painless.
I don't know which approach is a more egregious hack, but this change
at least nets us four less lines of code, which is obviously good, right?
Oh, and while we're at it, if the sa_family isn't set on the sender address,
just cringe and set it to AF_INET.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
krb_get_err_text -> error_message
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
getsid problem
|
| |
|
| |
|
|
|
|
| |
and have a command line switch to choose between the sort you use when getting them
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
* Better interrealm support, including setting realm correctly so we can
override it with a command line switch, dealing correctly when we
don't know a realm, and calling subscr_subscribe with server info.
* Some memset 0 cleanliness.
|
| |
|
| |
|
|
|
|
|
|
|
| |
(I'm not sure why, but it still took ten hours for erato to recover
from having an invalid tgt), and we now understand what the problem is
(the KDC is handing out identical answers for requests from two
different clients; obviously, one of them gets an incorrect address).
|
|
|
|
|
| |
have a bad TGT, so discard our tickets. This should never happen, but
it does. If we ever figure out why, then this change can go away.
|
| |
|
|
|
|
| |
detailed change information.
|
|
|
|
|
| |
in critical code, and let the main loop deal with the flag being set.
This saves on context switches into the kernel for this rare condition.
|
|
|
|
|
|
|
| |
Changed bzero/bcopy to memset/memcpy [ANSI]
Encrypt/decrypt user session keys during server-server updates (bdump 1.1)
Check realm of server trying to update us (security)
Use symbolic names: SERVER_SERVICE and SERVER_INSTANCE, not "zephyr"
|