From rt-comment at krbdev.mit.edu Tue Jul 7 10:06:02 2009 From: rt-comment at krbdev.mit.edu (The RT System itself via RT) Date: Tue, 7 Jul 2009 14:06:02 +0000 (UTC) Subject: [krbdev.mit.edu #6525] man pages can have incorrect path names in them In-Reply-To: Message-ID: >From krb5-bugs-incoming-bounces at PCH.mit.edu Tue Jul 7 14:06:01 2009 Return-Path: X-Original-To: krb5-send-pr-nospam1 at krbdev.mit.edu Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id A914CCC83D; Tue, 7 Jul 2009 14:06:01 +0000 (UTC) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n67E61Hx004518; Tue, 7 Jul 2009 10:06:01 -0400 Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n66K7s7A023068 for ; Mon, 6 Jul 2009 16:08:00 -0400 Received: from mit.edu (W92-130-BARRACUDA-2.MIT.EDU [18.7.21.223]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id n66K7ls0021941 for ; Mon, 6 Jul 2009 16:07:47 -0400 (EDT) Received: from mx1.redhat.com (localhost [127.0.0.1]) by mit.edu (Spam Firewall) with ESMTP id E1997232B7A4 for ; Mon, 6 Jul 2009 16:07:45 -0400 (EDT) Received: from mx1.redhat.com (mx1.redhat.com [66.187.233.31]) by mit.edu with ESMTP id cAAEbed1dCxdW75Q for ; Mon, 06 Jul 2009 16:07:45 -0400 (EDT) Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id n66K7jSQ020367 for ; Mon, 6 Jul 2009 16:07:45 -0400 Received: from blade.bos.redhat.com (blade.bos.redhat.com [10.16.0.23]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id n66K7iPP013334 for ; Mon, 6 Jul 2009 16:07:44 -0400 Received: from blade.bos.redhat.com (localhost.localdomain [127.0.0.1]) by blade.bos.redhat.com (8.14.3/8.14.2) with ESMTP id n66K7ic1003110 for ; Mon, 6 Jul 2009 16:07:44 -0400 Received: (from nalin at localhost) by blade.bos.redhat.com (8.14.3/8.14.3/Submit) id n66K7ioG003108; Mon, 6 Jul 2009 16:07:44 -0400 Date: Mon, 6 Jul 2009 16:07:44 -0400 Message-Id: <200907062007.n66K7ioG003108 at blade.bos.redhat.com> To: krb5-bugs at mit.edu Subject: preprocessing manual pages to get correct file paths From: nalin at redhat.com X-send-pr-version: 3.99 X-Scanned-By: MIMEDefang 2.42 X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254 X-Spam-Score: 0.00 X-Spam-Flag: NO X-Mailman-Approved-At: Tue, 07 Jul 2009 10:05:59 -0400 X-BeenThere: krb5-bugs-incoming at mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: nalin at redhat.com Sender: krb5-bugs-incoming-bounces at PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu >Submitter-Id: net >Originator: >Organization: >Confidential: no >Synopsis: man pages can have incorrect path names in them >Severity: non-critical >Priority: low >Category: krb5-misc >Class: doc-bug >Release: 1.7 >Environment: System: Linux blade.bos.redhat.com 2.6.29.4-167.fc11.x86_64 #1 SMP Wed May 27 17:27:08 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux Architecture: x86_64 >Description: Several of the man pages include the paths to daemon binaries and other files which are read or used by various applications in the distribution. The paths listed in them aren't updated to reflect the settings passed to configure at build-time, so they can be incorrect on an installed system. >How-To-Repeat: From the source tree, configure with a prefix of /tmp/krb5, build, and compare the path listed for kdc.conf in kdc.conf(5) against the value of DEFAULT_KDC_PROFILE (from include/osconf.h) that's been compiled into krb5kdc. >Fix: This patch adds logic to the various configure.in files to resolve the names of configured directories to paths, and to turn the man pages in the tree into templates which can then be preprocessed to yield the files that 'make install' will install. After applying this patch, each of the affected files needs to be renamed by putting a ".in" on the end of its name: appl/bsd/klogind.M appl/bsd/kshd.M appl/sample/sserver/sserver.M appl/telnet/telnetd/telnetd.8 config-files/kdc.conf.M config-files/krb5.conf.M kadmin/cli/kadmin.M slave/kpropd.M slave/kprop.M Other man pages could be renamed and preprocessed, but for the moment they don't appear to need to be. Index: src/configure.in =================================================================== --- src/configure.in (revision 22425) +++ src/configure.in (working copy) @@ -1043,6 +1043,16 @@ AC_CONFIG_SUBDIRS(appl/libpty appl/bsd appl/gssftp appl/telnet) AC_CONFIG_FILES(krb5-config, [chmod +x krb5-config]) + +V5_AC_OUTPUT_MANPAGE([ + appl/sample/sserver/sserver.M + config-files/kdc.conf.M + config-files/krb5.conf.M + kadmin/cli/kadmin.M + slave/kpropd.M + slave/kprop.M +]) + V5_AC_OUTPUT_MAKEFILE(. util util/support util/profile util/send-pr Index: src/appl/sample/sserver/sserver.M =================================================================== --- src/appl/sample/sserver/sserver.M (revision 22425) +++ src/appl/sample/sserver/sserver.M (working copy) @@ -59,7 +59,7 @@ using a line in /etc/inetd.conf that looks like this: .PP -sample stream tcp nowait root /usr/local/sbin/sserver sserver +sample stream tcp nowait root @mansbindir@/sserver sserver .PP Since \fBsample\fP is normally not a port defined in /etc/services, you will usually have to add a line to /etc/services which looks like this: Index: src/appl/gssftp/configure.in =================================================================== --- src/appl/gssftp/configure.in (revision 22425) +++ src/appl/gssftp/configure.in (working copy) @@ -65,4 +65,9 @@ dnl dnl KRB5_BUILD_PROGRAM + +V5_AC_OUTPUT_MANPAGE([ + ftpd/ftpd.M +]) + V5_AC_OUTPUT_MAKEFILE(. ftp ftpd) Index: src/appl/gssftp/ftpd/ftpd.M =================================================================== --- src/appl/gssftp/ftpd/ftpd.M (revision 22425) +++ src/appl/gssftp/ftpd/ftpd.M (working copy) @@ -35,7 +35,7 @@ .SH NAME ftpd \- DARPA Internet File Transfer Protocol server .SH SYNOPSIS -.B ftpd +.B @mansbindir@/ftpd [\fB\-A \fP|\fB -a\fP] [\fB\-C\fP] [\fB\-c\fP] [\fB\-d\fP] [\fB-E\fP] [\fB\-l\fP] [\fB\-v\fP] [\fB\-T\fP \fImaxtimeout\fP] [\fB\-t\fP \fItimeout\fP] [\fB\-p\fP \fIport\fP] [\fB\-U\fP \fIftpusers-file\fP] [\fB\-u\fP \fIumask\fP] Index: src/appl/bsd/klogind.M =================================================================== --- src/appl/bsd/klogind.M (revision 22425) +++ src/appl/bsd/klogind.M (working copy) @@ -27,7 +27,7 @@ the port indicated in /etc/inetd.conf. A typical /etc/inetd.conf configuration line for \fIklogind\fP might be: -klogin stream tcp nowait root /usr/cygnus/sbin/klogind klogind -e5c +klogin stream tcp nowait root @mansbindir@/klogind klogind -e5c When a service request is received, the following protocol is initiated: Index: src/appl/bsd/kshd.M =================================================================== --- src/appl/bsd/kshd.M (revision 22425) +++ src/appl/bsd/kshd.M (working copy) @@ -8,7 +8,7 @@ .SH NAME kshd \- kerberized remote shell server .SH SYNOPSIS -.B /usr/local/sbin/kshd +.B @mansbindir@/kshd [ .B \-kr45ec ] @@ -30,7 +30,7 @@ on the port indicated in /etc/inetd.conf. A typical /etc/inetd.conf configuration line for \fIkrshd\fP might be: -kshell stream tcp nowait root /usr/local/sbin/kshd kshd -5c +kshell stream tcp nowait root @mansbindir@/kshd kshd -5c When a service request is received, the following protocol is initiated: Index: src/appl/bsd/configure.in =================================================================== --- src/appl/bsd/configure.in (revision 22425) +++ src/appl/bsd/configure.in (working copy) @@ -156,4 +156,10 @@ KRB5_AC_LIBUTIL KRB5_BUILD_PROGRAM + +V5_AC_OUTPUT_MANPAGE([ + klogind.M + kshd.M +]) + V5_AC_OUTPUT_MAKEFILE Index: src/appl/telnet/telnetd/telnetd.8 =================================================================== --- src/appl/telnet/telnetd/telnetd.8 (revision 22425) +++ src/appl/telnet/telnetd/telnetd.8 (working copy) @@ -37,7 +37,7 @@ .SM DARPA TELNET protocol server .SH SYNOPSIS -.B /usr/libexec/telnetd +.B @mansbindir@/telnetd [\fB\-a\fP \fIauthmode\fP] [\fB\-B\fP] [\fB\-D\fP] [\fIdebugmode\fP] [\fB\-e\fP] [\fB\-h\fP] [\fB\-I\fP\fIinitid\fP] [\fB\-l\fP] [\fB\-k\fP] [\fB\-n\fP] [\fB\-r\fP\fIlowpty-highpty\fP] [\fB\-s\fP] Index: src/appl/telnet/configure.in =================================================================== --- src/appl/telnet/configure.in (revision 22425) +++ src/appl/telnet/configure.in (working copy) @@ -161,4 +161,9 @@ LIBS="$old_LIBS" dnl KRB5_AC_LIBUTIL + +V5_AC_OUTPUT_MANPAGE([ + telnetd/telnetd.8 +]) + V5_AC_OUTPUT_MAKEFILE(. libtelnet telnet telnetd) Index: src/kadmin/cli/kadmin.M =================================================================== --- src/kadmin/cli/kadmin.M (revision 22425) +++ src/kadmin/cli/kadmin.M (working copy) @@ -850,9 +850,9 @@ .RS .TP EXAMPLE: -kadmin: ktremove -k /usr/local/var/krb5kdc/kadmind.keytab kadmin/admin +kadmin: ktremove -k @manlocalstatedir@/krb5kdc/kadmind.keytab kadmin/admin Entry for principal kadmin/admin with kvno 3 removed - from keytab WRFILE:/usr/local/var/krb5kdc/kadmind.keytab. + from keytab WRFILE:@manlocalstatedir@/krb5kdc/kadmind.keytab. kadmin: .RE .fi @@ -894,7 +894,7 @@ .SH HISTORY The .B kadmin -prorgam was originally written by Tom Yu at MIT, as an interface to the +program was originally written by Tom Yu at MIT, as an interface to the OpenVision Kerberos administration program. .SH SEE ALSO .IR kerberos (1), Index: src/config-files/kdc.conf.M =================================================================== --- src/config-files/kdc.conf.M (revision 22425) +++ src/config-files/kdc.conf.M (working copy) @@ -82,14 +82,14 @@ .B string specifies the location of the access control list (acl) file that kadmin uses to determine which principals are allowed which permissions -on the database. The default value is /usr/local/var/krb5kdc/kadm5.acl. +on the database. The default value is @manlocalstatedir@/krb5kdc/kadm5.acl. .IP admin_keytab This .B string Specifies the location of the keytab file that kadmin uses to authenticate to the database. The default value is -/usr/local/var/krb5kdc/kadm5.keytab. + at manlocalstatedir@/krb5kdc/kadm5.keytab. .IP database_name This @@ -257,7 +257,7 @@ realm names and the [capaths] section of its krb5.conf file .SH FILES -/usr/local/var/krb5kdc/kdc.conf + at manlocalstatedir@/krb5kdc/kdc.conf .SH SEE ALSO krb5.conf(5), krb5kdc(8) Index: src/config-files/krb5.conf.M =================================================================== --- src/config-files/krb5.conf.M (revision 22425) +++ src/config-files/krb5.conf.M (working copy) @@ -643,6 +643,6 @@ This LDAP specific tag indicates the number of connections to be maintained per LDAP server. .SH FILES -/etc/krb5.conf + at mansysconfdir@/krb5.conf .SH SEE ALSO syslog(3) Index: src/slave/kprop.M =================================================================== --- src/slave/kprop.M (revision 22425) +++ src/slave/kprop.M (working copy) @@ -39,7 +39,7 @@ This is done by transmitting the dumped database file to the slave server over an encrypted, secure channel. The dump file must be created by kdb5_util, and is normally KPROP_DEFAULT_FILE -(/usr/local/var/krb5kdc/slave_datatrans). +(@manlocalstatedir@/krb5kdc/slave_datatrans). .SH OPTIONS .TP \fB\-r\fP \fIrealm\fP @@ -51,7 +51,7 @@ \fB\-f\fP \fIfile\fP specifies the filename where the dumped principal database file is to be found; by default the dumped database file is KPROP_DEFAULT_FILE -(normally /usr/local/var/krb5kdc/slave_datatrans). +(normally @manlocalstatedir@/krb5kdc/slave_datatrans). .TP \fB\-P\fP \fIport\fP specifies the port to use to contact the Index: src/slave/kpropd.M =================================================================== --- src/slave/kpropd.M (revision 22425) +++ src/slave/kpropd.M (working copy) @@ -74,7 +74,7 @@ This is done by adding a line to the inetd.conf file which looks like this: -kprop stream tcp nowait root /usr/local/sbin/kpropd kpropd +kprop stream tcp nowait root @mansbindir@/kpropd kpropd However, kpropd can also run as a standalone deamon, if the .B \-S @@ -111,13 +111,13 @@ \fB\-f\fP \fIfile\fP specifies the filename where the dumped principal database file is to be stored; by default the dumped database file is KPROPD_DEFAULT_FILE -(normally /usr/local/var/krb5kdc/from_master). +(normally @manlocalstatedir@/krb5kdc/from_master). .TP .B \-p allows the user to specify the pathname to the .IR kdb5_util (8) program; by default the pathname used is KPROPD_DEFAULT_KDB5_UTIL -(normally /usr/local/sbin/kdb5_util). +(normally @mansbindir@/kdb5_util). .TP .B \-S turn on standalone mode. Normally, kpropd is invoked out of @@ -148,14 +148,14 @@ allows the user to specify the path to the kpropd.acl file; by default the path used is KPROPD_ACL_FILE -(normally /usr/local/var/krb5kdc/kpropd.acl). +(normally @manlocalstatedir@/krb5kdc/kpropd.acl). .SH FILES .TP "\w'kpropd.acl\ \ 'u" kpropd.acl Access file for .BR kpropd ; the default location is KPROPD_ACL_FILE (normally -/usr/local/var/krb5kdc/kpropd.acl). + at manlocalstatedir@/krb5kdc/kpropd.acl). Each entry is a line containing the principal of a host from which the local machine will allow Kerberos database propagation via kprop. .SH SEE ALSO Index: src/aclocal.m4 =================================================================== --- src/aclocal.m4 (revision 22425) +++ src/aclocal.m4 (working copy) @@ -1784,3 +1784,28 @@ ])) ])dnl dnl +dnl Preprocess the file in question, and define some substitution variables +dnl which represent "interesting" directory paths which those pages might +dnl need to refer to. +AC_DEFUN(V5_AC_OUTPUT_MANPAGE,[ +mansysconfdir=$sysconfdir +mansysconfdir=`eval echo $mansysconfdir | sed -e "s,NONE,$prefix,g"` +mansysconfdir=`eval echo $mansysconfdir | sed -e "s,NONE,$ac_default_prefix,g"` +mansbindir=$sbindir +mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$exec_prefix,g"` +mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$prefix,g"` +mansbindir=`eval echo $mansbindir | sed -e "s,NONE,$ac_default_prefix,g"` +manlocalstatedir=$localstatedir +manlocalstatedir=`eval echo $manlocalstatedir | sed -e "s,NONE,$prefix,g"` +manlocalstatedir=`eval echo $manlocalstatedir | sed -e "s,NONE,$ac_default_prefix,g"` +manlibexecdir=$libexecdir +manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$exec_prefix,g"` +manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$prefix,g"` +manlibexecdir=`eval echo $manlibexecdir | sed -e "s,NONE,$ac_default_prefix,g"` +AC_SUBST(mansysconfdir) +AC_SUBST(mansbindir) +AC_SUBST(manlocalstatedir) +AC_SUBST(manlibexecdir) +AC_CONFIG_FILES($1) +])dnl +dnl From rt-comment at krbdev.mit.edu Tue Jul 7 10:06:02 2009 From: rt-comment at krbdev.mit.edu (The RT System itself via RT) Date: Tue, 7 Jul 2009 14:06:02 +0000 (UTC) Subject: [krbdev.mit.edu #6524] ftp and rcp behave oddly with large files on 32-bit systems In-Reply-To: Message-ID: >From krb5-bugs-incoming-bounces at PCH.mit.edu Tue Jul 7 14:06:01 2009 Return-Path: X-Original-To: krb5-send-pr-nospam1 at krbdev.mit.edu Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 73A80CC838; Tue, 7 Jul 2009 14:06:01 +0000 (UTC) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n67E612a004515; Tue, 7 Jul 2009 10:06:01 -0400 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n66Mmagu004961 for ; Mon, 6 Jul 2009 18:48:36 -0400 Received: from mit.edu (W92-130-BARRACUDA-3.MIT.EDU [18.7.21.224]) by pacific-carrier-annex.mit.edu (8.13.6/8.9.2) with ESMTP id n66MmSKE021123 for ; Mon, 6 Jul 2009 18:48:29 -0400 (EDT) Received: from mx1.redhat.com (localhost [127.0.0.1]) by mit.edu (Spam Firewall) with ESMTP id 1A8892263314 for ; Mon, 6 Jul 2009 18:48:27 -0400 (EDT) Received: from mx1.redhat.com (mx1.redhat.com [66.187.233.31]) by mit.edu with ESMTP id RaQx1JmAOZfjSK0W for ; Mon, 06 Jul 2009 18:48:27 -0400 (EDT) Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com [172.16.52.254]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id n66MmRgI011249 for ; Mon, 6 Jul 2009 18:48:27 -0400 Received: from blade.bos.redhat.com (blade.bos.redhat.com [10.16.0.23]) by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id n66MmQjS005981 for ; Mon, 6 Jul 2009 18:48:27 -0400 Received: from blade.bos.redhat.com (localhost.localdomain [127.0.0.1]) by blade.bos.redhat.com (8.14.3/8.14.2) with ESMTP id n66MmQVI020964 for ; Mon, 6 Jul 2009 18:48:26 -0400 Received: (from nalin at localhost) by blade.bos.redhat.com (8.14.3/8.14.3/Submit) id n66MmQeM020962; Mon, 6 Jul 2009 18:48:26 -0400 Date: Mon, 6 Jul 2009 18:48:26 -0400 Message-Id: <200907062248.n66MmQeM020962 at blade.bos.redhat.com> To: krb5-bugs at mit.edu Subject: ftp and rcp behave oddly with large files on 32-bit systems From: nalin at redhat.com X-send-pr-version: 3.99 X-Scanned-By: MIMEDefang 2.42 X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254 X-Spam-Score: 3.507 X-Spam-Level: *** (3.507) X-Spam-Flag: NO X-Mailman-Approved-At: Tue, 07 Jul 2009 10:05:59 -0400 X-BeenThere: krb5-bugs-incoming at mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: nalin at redhat.com Sender: krb5-bugs-incoming-bounces at PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu >Submitter-Id: net >Originator: >Organization: >Confidential: no >Synopsis: ftp and rcp behave oddly with large files on 32-bit systems >Severity: non-critical >Priority: low >Category: krb5-appl >Class: sw-bug >Release: 1.7 >Environment: System: Linux blade.bos.redhat.com 2.6.29.4-167.fc11.x86_64 #1 SMP Wed May 27 17:27:08 EDT 2009 x86_64 x86_64 x86_64 GNU/Linux Architecture: x86_64 >Description: When I transfer a large (>4GB in size) file using gssftp, ftpd prints a negative file size when it initiates the transfer. When I attempt to transfer the file using rcp, it fails. >How-To-Repeat: Use dd to create a potentially-sparse file on a 32-bit server: dd if=/dev/urandom bs=1M seek=6143 of=largefile count=1 Use ftp to connect to ftpd and attempt to download the file, and ftpd will display a negative file size. Attempt to copy it using rcp, and you'll get a "protocol screwup: size not delimited" error when the sender sends a negative file size to the receiver. >Fix: This patch adds calls to AC_SYS_LARGEFILE to the configure scripts for gssftp and the bsd applications. Because off_t might now be larger than a long, it also checks for fseeko() and uses that if it's found. Whenever an off_t needs to be displayed, if the system has a "long long" type, the off_t value is displayed as a "long long" rather than just as a "long". This takes care of the problem on my i386 system, though it hasn't gotten any testing on other OSs. Index: src/appl/gssftp/configure.in =================================================================== --- src/appl/gssftp/configure.in (revision 22425) +++ src/appl/gssftp/configure.in (working copy) @@ -12,6 +12,9 @@ AC_HEADER_STDARG AC_CHECK_HEADER(termios.h,[AC_CHECK_FUNC(cfsetispeed,AC_DEFINE(POSIX_TERMIOS,1,[Define if POSIX termios interface found]))]) AC_CHECK_HEADERS(unistd.h stdlib.h string.h sys/select.h sys/sockio.h paths.h) +AC_SYS_LARGEFILE +AC_FUNC_FSEEKO +AC_CHECK_TYPES([long long]) CHECK_UTMP DECLARE_SYS_ERRLIST AC_REPLACE_FUNCS(getdtablesize) Index: src/appl/gssftp/ftp/ftp_var.h =================================================================== --- src/appl/gssftp/ftp/ftp_var.h (revision 22425) +++ src/appl/gssftp/ftp/ftp_var.h (working copy) @@ -46,12 +46,18 @@ #define FDOPEN_SOCKET(s, mode) fdopen_socket(s, mode) #define SOCKETNO(fd) _get_osfhandle(fd) #define PERROR_SOCKET(str) do { errno = SOCKET_ERRNO; perror(str); } while(0) +#define FSEEK(fd, offset, whence) fseek(fd, (long) offset, whence) #else #define FCLOSE_SOCKET(f) fclose(f) #define FDOPEN_SOCKET(s, mode) fdopen(s, mode) #define SOCKETNO(fd) (fd) #define PERROR_SOCKET(str) perror(str) +#ifdef HAVE_FSEEKO +#define FSEEK(fd, offset, whence) fseeko(fd, (off_t) offset, whence) +#else +#define FSEEK(fd, offset, whence) fseek(fd, (long) offset, whence) #endif +#endif #ifdef _WIN32 typedef void (*sig_t)(int); Index: src/appl/gssftp/ftp/ftp.c =================================================================== --- src/appl/gssftp/ftp/ftp.c (revision 22425) +++ src/appl/gssftp/ftp/ftp.c (working copy) @@ -150,7 +150,11 @@ static void proxtrans (char *, char *, char *); static int initconn (void); +#ifdef HAVE_LONG_LONG +static void ptransfer (char *, long long, struct timeval *, struct timeval *); +#else static void ptransfer (char *, long, struct timeval *, struct timeval *); +#endif static void abort_remote (FILE *); static void tvsub (struct timeval *, struct timeval *, struct timeval *); static char *gunique (char *); @@ -775,7 +779,11 @@ FILE *volatile fin, *volatile dout = 0; int (*volatile closefunc)(); volatile sig_t oldintr, oldintp; +#ifdef HAVE_LONG_LONG + volatile long long bytes = 0, hashbytes = HASHBYTES; +#else volatile long bytes = 0, hashbytes = HASHBYTES; +#endif char *volatile lmode; unsigned char buf[FTP_BUFSIZ], *bufp; @@ -872,7 +880,7 @@ if (restart_point && (strcmp(cmd, "STOR") == 0 || strcmp(cmd, "APPE") == 0)) { - if (fseek(fin, (long) restart_point, 0) < 0) { + if (FSEEK(fin, restart_point, 0) < 0) { fprintf(stderr, "local: %s: %s\n", local, strerror(errno)); restart_point = 0; @@ -1266,7 +1274,7 @@ if (restart_point) { register int i, n, ch; - if (fseek(fout, 0L, L_SET) < 0) + if (FSEEK(fout, 0L, L_SET) < 0) goto done; n = restart_point; for (i = 0; i++ < n;) { @@ -1275,7 +1283,7 @@ if (ch == '\n') i++; } - if (fseek(fout, 0L, L_INCR) < 0) { + if (FSEEK(fout, 0L, L_INCR) < 0) { done: fprintf(stderr, "local: %s: %s\n", local, strerror(errno)); @@ -1538,8 +1546,13 @@ return (FDOPEN_SOCKET(data, lmode)); } +#ifdef HAVE_LONG_LONG +static void ptransfer(char *direction, long long bytes, + struct timeval *t0, struct timeval *t1) +#else static void ptransfer(char *direction, long bytes, struct timeval *t0, struct timeval *t1) +#endif { struct timeval td; float s, kbs; @@ -1549,8 +1562,13 @@ s = td.tv_sec + (td.tv_usec / 1000000.); #define nz(x) ((x) == 0 ? 1 : (x)) kbs = (bytes / nz(s))/1024.0; +#ifdef HAVE_LONG_LONG + printf("%lld bytes %s in %.2g seconds (%.2g Kbytes/s)\n", + bytes, direction, s, kbs); +#else printf("%ld bytes %s in %.2g seconds (%.2g Kbytes/s)\n", bytes, direction, s, kbs); +#endif } } Index: src/appl/gssftp/ftpd/ftpcmd.y =================================================================== --- src/appl/gssftp/ftpd/ftpcmd.y (revision 22425) +++ src/appl/gssftp/ftpd/ftpcmd.y (working copy) @@ -1497,12 +1497,20 @@ (stbuf.st_mode&S_IFMT) != S_IFREG) reply(550, "%s: not a plain file.", filename); else +#ifdef HAVE_LONG_LONG + reply(213, "%llu", (long long) stbuf.st_size); +#else reply(213, "%lu", (long) stbuf.st_size); +#endif break;} case TYPE_A: { FILE *fin; register int c; +#ifdef HAVE_LONG_LONG + register long long count; +#else register long count; +#endif struct stat stbuf; fin = fopen(filename, "r"); if (fin == NULL) { @@ -1524,7 +1532,11 @@ } (void) fclose(fin); +#ifdef HAVE_LONG_LONG + reply(213, "%lld", count); +#else reply(213, "%ld", count); +#endif break;} default: reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]); Index: src/appl/gssftp/ftpd/ftpd_var.h =================================================================== --- src/appl/gssftp/ftpd/ftpd_var.h (revision 22425) +++ src/appl/gssftp/ftpd/ftpd_var.h (working copy) @@ -41,6 +41,12 @@ char *radix_error (int); int radix_encode (unsigned char *, unsigned char *, int *, int); +#ifdef HAVE_FSEEKO +#define FSEEK(fd, offset, whence) fseeko(fd, (off_t) offset, whence) +#else +#define FSEEK(fd, offset, whence) fseek(fd, (long) offset, whence) +#endif + /* ftpd.c */ void ack(char *); int auth_data(char *); Index: src/appl/gssftp/ftpd/ftpd.c =================================================================== --- src/appl/gssftp/ftpd/ftpd.c (revision 22425) +++ src/appl/gssftp/ftpd/ftpd.c (working copy) @@ -1146,7 +1146,11 @@ done: (*closefunc)(fin); if (logging > 2 && !cmd) - syslog(LOG_NOTICE, "get: %i bytes transferred", byte_count); +#ifdef HAVE_LONG_LONG + syslog(LOG_NOTICE, "get: %lld bytes transferred", (long long) byte_count); +#else + syslog(LOG_NOTICE, "get: %ld bytes transferred", (long) byte_count); +#endif } void @@ -1191,7 +1195,7 @@ * because we are changing from reading to * writing. */ - if (fseek(fout, 0L, L_INCR) < 0) { + if (FSEEK(fout, 0L, L_INCR) < 0) { perror_reply(550, name); goto done; } @@ -1216,7 +1220,11 @@ done: (*closefunc)(fout); if (logging > 2) - syslog(LOG_NOTICE, "put: %i bytes transferred", byte_count); +#ifdef HAVE_LONG_LONG + syslog(LOG_NOTICE, "get: %lld bytes transferred", byte_count); +#else + syslog(LOG_NOTICE, "get: %ld bytes transferred", (long) byte_count); +#endif } FILE * @@ -1278,8 +1286,13 @@ byte_count = 0; if (size != (off_t) -1) /* cast size to long in case sizeof(off_t) > sizeof(long) */ +#ifdef HAVE_LONG_LONG + (void) snprintf (sizebuf, sizeof(sizebuf), " (%lld bytes)", + (long long)size); +#else (void) snprintf (sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size); +#endif else sizebuf[0] = '\0'; if (pdata >= 0) { @@ -1991,13 +2004,23 @@ siglongjmp(urgcatch, 1); } if (strcmp(cp, "STAT") == 0) { +#ifdef HAVE_LONG_LONG if (file_size != (off_t) -1) + reply(213, "Status: %llu of %llu bytes transferred", + (unsigned long long) byte_count, + (unsigned long long) file_size); + else + reply(213, "Status: %llu bytes transferred", + (unsigned long long) byte_count); +#else + if (file_size != (off_t) -1) reply(213, "Status: %lu of %lu bytes transferred", (unsigned long) byte_count, (unsigned long) file_size); else reply(213, "Status: %lu bytes transferred", (unsigned long) byte_count); +#endif } } Index: src/appl/bsd/configure.in =================================================================== --- src/appl/bsd/configure.in (revision 22425) +++ src/appl/bsd/configure.in (working copy) @@ -51,6 +51,9 @@ AC_TYPE_MODE_T AC_CHECK_FUNCS(isatty inet_aton getenv gettosbyname killpg initgroups setpriority setreuid setresuid waitpid setsid ptsname setlogin tcgetpgrp tcsetpgrp setpgid strsave utimes rmufile rresvport_af) AC_CHECK_HEADERS(unistd.h stdlib.h string.h sys/filio.h sys/sockio.h sys/label.h sys/tty.h ttyent.h lastlog.h sys/select.h sys/ptyvar.h utmp.h sys/time.h sys/ioctl_compat.h paths.h arpa/nameser.h) +AC_SYS_LARGEFILE +AC_FUNC_FSEEKO +AC_CHECK_TYPES([long long]) AC_HEADER_STDARG AC_REPLACE_FUNCS(getdtablesize) dnl Index: src/appl/bsd/krcp.c =================================================================== --- src/appl/bsd/krcp.c (revision 22425) +++ src/appl/bsd/krcp.c (working copy) @@ -764,8 +764,13 @@ continue; } } +#ifdef HAVE_LONG_LONG + (void) snprintf(buf, sizeof(buf), "C%04o %lld %s\n", + (int) stb.st_mode&07777, (long long) stb.st_size, last); +#else (void) snprintf(buf, sizeof(buf), "C%04o %ld %s\n", (int) stb.st_mode&07777, (long ) stb.st_size, last); +#endif (void) rcmd_stream_write(rem, buf, strlen(buf), 0); if (response() < 0) { (void) close(f); From rt-comment at krbdev.mit.edu Wed Jul 8 14:28:03 2009 From: rt-comment at krbdev.mit.edu (" Kimmo R.M.Hovi " via RT) Date: Wed, 8 Jul 2009 18:28:03 +0000 (UTC) Subject: [krbdev.mit.edu #6526] Build problems of krb5-1.7 on AIX 5.3 In-Reply-To: Message-ID: diff -c -r orig/krb5-1.7/src/config/shlib.conf modified/krb5-1.7/src/config/shlib.conf *** orig/krb5-1.7/src/config/shlib.conf 2008-12-09 00:33:07.000000000 +0200 --- modified/krb5-1.7/src/config/shlib.conf 2009-07-07 16:51:37.659010000 +0300 *************** *** 464,470 **** PROFFLAGS=-pg if test "$ac_cv_c_compiler_gnu" = "yes" ; then wl_prefix=-Wl, ! RPATH_FLAG='-Wl,-blibpath:' LDCOMBINE='$(CC) -shared -v -o $@ $$objlist -nostartfiles -Xlinker -bgcbypass:1 -Xlinker -bfilelist -Xlinker -bM:SRE -Xlinker -bE:$(SHLIB_EXPORT_FILE) -Xlinker -bernotok -Xlinker -brtl $(SHLIB_EXPFLAGS) -lc $$initfini' else wl_prefix= --- 464,470 ---- PROFFLAGS=-pg if test "$ac_cv_c_compiler_gnu" = "yes" ; then wl_prefix=-Wl, ! RPATH_FLAG='-Wl,-brtl,-blibpath:' LDCOMBINE='$(CC) -shared -v -o $@ $$objlist -nostartfiles -Xlinker -bgcbypass:1 -Xlinker -bfilelist -Xlinker -bM:SRE -Xlinker -bE:$(SHLIB_EXPORT_FILE) -Xlinker -bernotok -Xlinker -brtl $(SHLIB_EXPFLAGS) -lc $$initfini' else wl_prefix= From rt-comment at krbdev.mit.edu Wed Jul 8 21:54:53 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 01:54:53 +0000 (UTC) Subject: [krbdev.mit.edu #5997] SVN Commit In-Reply-To: Message-ID: pull up r20482, r20481 from trunk ------------------------------------------------------------------------ r20482 | raeburn | 2008-06-26 22:51:09 -0400 (Thu, 26 Jun 2008) | 5 lines ticket: 5997 Memory leak, and possible freed-memory dereference, in an error (small allocation failure) path. ------------------------------------------------------------------------ r20481 | raeburn | 2008-06-26 22:47:06 -0400 (Thu, 26 Jun 2008) | 9 lines ticket: new target_version: 1.6.4 subject: misc memory leaks tags: pullup Fix various memory leaks that show up mostly in error cases (e.g., failure to allocate one small object, and then we forget to free another one). http://src.mit.edu/fisheye/changelog/krb5/?cs=22426 Commit By: tlyu Revision: 22426 Changed Files: U branches/krb5-1-6/src/kdc/do_tgs_req.c U branches/krb5-1-6/src/kdc/kdc_util.c U branches/krb5-1-6/src/lib/gssapi/krb5/k5seal.c U branches/krb5-1-6/src/lib/krb5/krb/bld_pr_ext.c U branches/krb5-1-6/src/lib/krb5/krb/get_creds.c U branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c U branches/krb5-1-6/src/lib/krb5/krb/gic_opt.c U branches/krb5-1-6/src/lib/krb5/krb/init_ctx.c U branches/krb5-1-6/src/lib/krb5/os/an_to_ln.c U branches/krb5-1-6/src/lib/rpc/auth_gss.c U branches/krb5-1-6/src/plugins/kdb/db2/adb_policy.c From rt-comment at krbdev.mit.edu Wed Jul 8 21:59:04 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 01:59:04 +0000 (UTC) Subject: [krbdev.mit.edu #5998] SVN Commit In-Reply-To: Message-ID: pull up r20485 from trunk ------------------------------------------------------------------------ r20485 | raeburn | 2008-06-26 23:33:14 -0400 (Thu, 26 Jun 2008) | 8 lines ticket: new target_version: 1.6.4 tags: pullup subject: use-after-free bugs Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. http://src.mit.edu/fisheye/changelog/krb5/?cs=22427 Commit By: tlyu Revision: 22427 Changed Files: U branches/krb5-1-6/src/kadmin/server/server_stubs.c U branches/krb5-1-6/src/kdc/network.c U branches/krb5-1-6/src/lib/krb5/krb/mk_cred.c U branches/krb5-1-6/src/slave/kprop.c From rt-comment at krbdev.mit.edu Wed Jul 8 21:59:10 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 01:59:10 +0000 (UTC) Subject: [krbdev.mit.edu #6053] SVN Commit In-Reply-To: Message-ID: pull up r20580 from trunk ------------------------------------------------------------------------ r20580 | raeburn | 2008-07-25 15:19:06 -0400 (Fri, 25 Jul 2008) | 8 lines ticket: new target_version: 1.6.4 tags: pullup subject: fix possible uninit variable use in error path Clear gss_client and gss_target before any possible branch to 'error', where they can be used. http://src.mit.edu/fisheye/changelog/krb5/?cs=22428 Commit By: tlyu Revision: 22428 Changed Files: U branches/krb5-1-6/src/lib/kadm5/clnt/client_init.c From rt-comment at krbdev.mit.edu Thu Jul 9 14:12:33 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 18:12:33 +0000 (UTC) Subject: [krbdev.mit.edu #6064] SVN Commit In-Reply-To: Message-ID: pull up r20608 from trunk ------------------------------------------------------------------------ r20608 | raeburn | 2008-08-05 20:05:47 -0400 (Tue, 05 Aug 2008) | 9 lines ticket: new subject: fix cleanup code in allocating preauth info target_version: 1.6.4 tags: pullup After an allocation failure, free up the previously allocated array elements by counting back down to zero, not continuing to count up until we hit zero. http://src.mit.edu/fisheye/changelog/krb5/?cs=22429 Commit By: tlyu Revision: 22429 Changed Files: U branches/krb5-1-6/src/lib/krb5/krb/get_in_tkt.c From rt-comment at krbdev.mit.edu Thu Jul 9 17:49:36 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 21:49:36 +0000 (UTC) Subject: [krbdev.mit.edu #6527] test mail feed In-Reply-To: Message-ID: testing the mail feed again From rt-comment at krbdev.mit.edu Thu Jul 9 18:01:31 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 9 Jul 2009 22:01:31 +0000 (UTC) Subject: [krbdev.mit.edu #6528] testing mail feed again In-Reply-To: Message-ID: testing mail feed again - please ignore From rt-comment at krbdev.mit.edu Fri Jul 10 15:20:27 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 10 Jul 2009 19:20:27 +0000 (UTC) Subject: [krbdev.mit.edu #1233] SVN Commit In-Reply-To: Message-ID: Add a new '-W' option to kadmind and kdb5_util create to allow reading weak random numbers on startup, to avoid long delays in testing situations. Use only for testing. Update testing scripts accordingly. http://src.mit.edu/fisheye/changelog/krb5/?cs=22434 Commit By: tlyu Revision: 22434 Changed Files: U trunk/src/kadmin/dbutil/kdb5_create.c U trunk/src/kadmin/server/ovsec_kadmd.c U trunk/src/kadmin/testing/scripts/start_servers_local U trunk/src/tests/dejagnu/config/default.exp From rt-comment at krbdev.mit.edu Fri Jul 10 15:46:21 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 10 Jul 2009 19:46:21 +0000 (UTC) Subject: [krbdev.mit.edu #6530] SVN Commit In-Reply-To: Message-ID: Add a check for a slogin message that indicates an unknown public key fingerprint, as rlogin looks like it points to slogin by default on Debian Lenny. http://src.mit.edu/fisheye/changelog/krb5/?cs=22435 Commit By: tlyu Revision: 22435 Changed Files: U trunk/src/tests/dejagnu/config/default.exp From rt-comment at krbdev.mit.edu Thu Jul 16 17:28:12 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 16 Jul 2009 21:28:12 +0000 (UTC) Subject: [krbdev.mit.edu #6433] Ticket 5995 (r20586) broke ticket acquistion on Microsoft Windows In-Reply-To: Message-ID: This should be a pullup of r20479 (ticket #5925). References updated accordingly. From rt-comment at krbdev.mit.edu Thu Jul 16 17:52:32 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 16 Jul 2009 21:52:32 +0000 (UTC) Subject: [krbdev.mit.edu #6433] SVN Commit In-Reply-To: Message-ID: pull up r20479 from trunk. The ticket numbers don't match because reported on the 1.6 branch. ------------------------------------------------------------------------ r20479 | raeburn | 2008-06-26 20:31:59 -0400 (Thu, 26 Jun 2008) | 8 lines ticket: 5925 status: open Don't do FD_SETSIZE check on Windows. Also, for form's sake, use closesocket instead of close inside the check. Kevin or Jeff, could you please verify that the code works again? http://src.mit.edu/fisheye/changelog/krb5/?cs=22442 Commit By: tlyu Revision: 22442 Changed Files: U branches/krb5-1-6/src/lib/krb5/os/sendto_kdc.c From rt-comment at krbdev.mit.edu Thu Jul 16 21:36:00 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 17 Jul 2009 01:36:00 +0000 (UTC) Subject: [krbdev.mit.edu #6531] SVN Commit In-Reply-To: Message-ID: gssftp/ftp/cmds.c had a preprocessor conditional on HAVE_STDLIB_H that will not evaluate correctly on WIN32 unless win-mac.h is included first. http://src.mit.edu/fisheye/changelog/krb5/?cs=22443 Commit By: tlyu Revision: 22443 Changed Files: U trunk/src/appl/gssftp/ftp/cmds.c From rt-comment at krbdev.mit.edu Thu Jul 16 21:38:00 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 17 Jul 2009 01:38:00 +0000 (UTC) Subject: [krbdev.mit.edu #6532] (1.7.x) include win-mac.h in gssftp/ftp/cmds.c for HAVE_STDLIB_H In-Reply-To: Message-ID: Pull up r22443 (ticket #6531) for the krb5-1-7 branch. From rt-comment at krbdev.mit.edu Thu Jul 16 21:49:24 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 17 Jul 2009 01:49:24 +0000 (UTC) Subject: [krbdev.mit.edu #6531] SVN commit In-Reply-To: Message-ID: http://src.mit.edu/fisheye/changelog/krb5/?cs=22444 Commit By: tlyu Log Message: ticket; 6531 version_fixed: 1.6.4 pull up r22443 from trunk ------------------------------------------------------------------------ r22443 | tlyu | 2009-07-16 21:35:58 -0400 (Thu, 16 Jul 2009) | 8 lines ticket: 6531 target_version: 1.6.4 tags: pullup subject: include win-mac.h in gssftp/ftp/cmds.c for HAVE_STDLIB_H gssftp/ftp/cmds.c had a preprocessor conditional on HAVE_STDLIB_H that will not evaluate correctly on WIN32 unless win-mac.h is included first. Changed Files: U branches/krb5-1-6/src/appl/gssftp/ftp/cmds.c From rt-comment at krbdev.mit.edu Tue Jul 21 15:53:29 2009 From: rt-comment at krbdev.mit.edu (The RT System itself via RT) Date: Tue, 21 Jul 2009 19:53:29 +0000 (UTC) Subject: [krbdev.mit.edu #6533] krb5-1.7 cannot be compiled on Debian stable (5.0.2) In-Reply-To: Message-ID: >From krb5-bugs-incoming-bounces at PCH.mit.edu Tue Jul 21 19:53:28 2009 Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 4CE7CCCA01; Tue, 21 Jul 2009 19:53:28 +0000 (UTC) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n6LJrSDD011097; Tue, 21 Jul 2009 15:53:28 -0400 Received: from pacific-carrier-annex.mit.edu (PACIFIC-CARRIER-ANNEX.MIT.EDU [18.7.21.83]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n6LHvixM015471 for ; Tue, 21 Jul 2009 13:57:44 -0400 Received: from mit.edu (M24-004-BARRACUDA-2.MIT.EDU [18.7.7.112]) by pacific-carrier-annex.mit.edu (8.13.6/8.9.2) with ESMTP id n6LHvZ5X004546 for ; Tue, 21 Jul 2009 13:57:35 -0400 (EDT) Received: from mss-uk.mssgmbh.com (localhost [127.0.0.1]) by mit.edu (Spam Firewall) with ESMTP id C85A22450A32 for ; Tue, 21 Jul 2009 13:57:34 -0400 (EDT) Received: from mss-uk.mssgmbh.com (mss-uk.mssgmbh.com [217.174.251.109]) by mit.edu with ESMTP id elMEnLSbLOOC3qUW (version=TLSv1 cipher=AES256-SHA bits=256 verify=NO) for ; Tue, 21 Jul 2009 13:57:34 -0400 (EDT) Received: from fever.mssgmbh.com ([217.111.56.3]) (authenticated bits=0) by mss-uk.mssgmbh.com (8.13.5.20060308/8.13.5/Debian-3ubuntu1) with ESMTP id n6LHvVK6017447 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 21 Jul 2009 19:57:33 +0200 Received: from fever.mssgmbh.com (localhost [127.0.0.1]) by fever.mssgmbh.com (8.14.3/8.13.8/Debian-3) with ESMTP id n6LHvQd2023040 for ; Tue, 21 Jul 2009 19:57:26 +0200 Received: (from rw at localhost) by fever.mssgmbh.com (8.14.3/8.13.4/Submit) id n6LHvQI7023037; Tue, 21 Jul 2009 19:57:26 +0200 Date: Tue, 21 Jul 2009 19:57:26 +0200 Message-Id: <200907211757.n6LHvQI7023037 at fever.mssgmbh.com> To: krb5-bugs at mit.edu Subject: From: rweikusat at mssgmbh.com X-send-pr-version: 3.99 X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (mss-uk.mssgmbh.com [217.174.251.109]); Tue, 21 Jul 2009 19:57:33 +0200 (CEST) X-Spam-Score: 2.278 X-Spam-Level: ** (2.278) X-Spam-Flag: NO X-Scanned-By: MIMEDefang 2.42 X-Mailman-Approved-At: Tue, 21 Jul 2009 15:53:26 -0400 X-BeenThere: krb5-bugs-incoming at mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: rweikusat at mssgmbh.com Sender: krb5-bugs-incoming-bounces at PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu >Submitter-Id: net >Originator: Rainer Weikusat >Organization: MadPartners LTD. >Confidential: no >Synopsis: krb5-1.7 cannot be compiled on Debian stable (5.0.2) >Severity: non-critical >Priority: medium >Category: krb5-libs >Class: sw-bug >Release: 1.7 >Environment: System: Linux fever 2.6.30 #2 SMP Thu Jun 18 19:35:55 CEST 2009 i686 GNU/Linux >Description: The Kerberos 5 1.7 release cannot be compiled on either Ubuntu 6.06 or Debian 5.0.2 because the assert-macros is used in various files without its definition having been included, eg + gcc -shared -fPIC -Wl,-h,libkrb5support.so.0,--no-undefined -o libkrb5support.so.0.1 threads.so init-addrinfo.so plugins.so errors.so k5buf.so gmt_mktime.so fake-addrinfo.so utf8.so utf8_conv.so strlcpy.so -Wl,-R/usr/local/pmg-krb5/stow/krb5-1.7/lib -lresolv -ldl -Wl,--version-script binutils.versions utf8_conv.so: In function `k5_utf8s_to_ucs2s':/home/rw/build/krb/build/src/util/support/utf8_conv.c:120: undefined reference to `assert' collect2: ld returned 1 exit status make[2]: *** [libkrb5support.so.0.1] Error 1 >How-To-Repeat: >Fix: A possible fix: diff -pru krb5-1.7/src/include/k5-platform.h krb5-1.7.patched/src/include/k5-platform.h --- krb5-1.7/src/include/k5-platform.h 2009-02-18 19:18:21.000000000 +0100 +++ krb5-1.7.patched/src/include/k5-platform.h 2009-07-21 19:42:47.000000000 +0200 @@ -42,6 +42,7 @@ #define K5_PLATFORM_H #include "autoconf.h" +#include #include #include #include From rt-comment at krbdev.mit.edu Tue Jul 21 15:53:29 2009 From: rt-comment at krbdev.mit.edu (The RT System itself via RT) Date: Tue, 21 Jul 2009 19:53:29 +0000 (UTC) Subject: [krbdev.mit.edu #6534] getaddrinfo in src/util/support/fake-addrinfo.c causes leak In-Reply-To: Message-ID: >From krb5-bugs-incoming-bounces at PCH.mit.edu Tue Jul 21 19:53:29 2009 Return-Path: Received: from pch.mit.edu (PCH.MIT.EDU [18.7.21.90]) by krbdev.mit.edu (Postfix) with ESMTP id 1888ACCA05; Tue, 21 Jul 2009 19:53:29 +0000 (UTC) Received: from pch.mit.edu (pch.mit.edu [127.0.0.1]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n6LJrSw2011109; Tue, 21 Jul 2009 15:53:29 -0400 Received: from fort-point-station.mit.edu (FORT-POINT-STATION.MIT.EDU [18.7.7.76]) by pch.mit.edu (8.13.6/8.12.8) with ESMTP id n6LHcPVk006251 for ; Tue, 21 Jul 2009 13:38:25 -0400 Received: from mit.edu (W92-130-BARRACUDA-2.MIT.EDU [18.7.21.223]) by fort-point-station.mit.edu (8.13.6/8.9.2) with ESMTP id n6LHcGVf008229 for ; Tue, 21 Jul 2009 13:38:16 -0400 (EDT) Received: from mss-uk.mssgmbh.com (localhost [127.0.0.1]) by mit.edu (Spam Firewall) with ESMTP id A6BDE5F24B9 for ; Tue, 21 Jul 2009 13:38:11 -0400 (EDT) Received: from mss-uk.mssgmbh.com (mss-uk.mssgmbh.com [217.174.251.109]) by mit.edu with ESMTP id lQnq33eOzhW3cCby (version=TLSv1 cipher=AES256-SHA bits=256 verify=NO) for ; Tue, 21 Jul 2009 13:38:11 -0400 (EDT) Received: from fever.mssgmbh.com ([217.111.56.3]) (authenticated bits=0) by mss-uk.mssgmbh.com (8.13.5.20060308/8.13.5/Debian-3ubuntu1) with ESMTP id n6LHc8Cp016018 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 21 Jul 2009 19:38:09 +0200 Received: from fever.mssgmbh.com (localhost [127.0.0.1]) by fever.mssgmbh.com (8.14.3/8.13.8/Debian-3) with ESMTP id n6LHc3BS022956 for ; Tue, 21 Jul 2009 19:38:03 +0200 Received: (from rw at localhost) by fever.mssgmbh.com (8.14.3/8.13.4/Submit) id n6LHc2df022953; Tue, 21 Jul 2009 19:38:02 +0200 Date: Tue, 21 Jul 2009 19:38:02 +0200 Message-Id: <200907211738.n6LHc2df022953 at fever.mssgmbh.com> To: krb5-bugs at mit.edu Subject: From: rweikusat at mssgmbh.com X-send-pr-version: 3.99 X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (mss-uk.mssgmbh.com [217.174.251.109]); Tue, 21 Jul 2009 19:38:10 +0200 (CEST) X-Spam-Score: 4.137 X-Spam-Level: **** (4.137) X-Spam-Flag: NO X-Scanned-By: MIMEDefang 2.42 X-Mailman-Approved-At: Tue, 21 Jul 2009 15:53:26 -0400 X-BeenThere: krb5-bugs-incoming at mailman.mit.edu X-Mailman-Version: 2.1.6 Precedence: list Reply-To: rweikusat at mssgmbh.com Sender: krb5-bugs-incoming-bounces at PCH.mit.edu Errors-To: krb5-bugs-incoming-bounces at PCH.mit.edu >Submitter-Id: net >Originator: Rainer Weikusat >Organization: MadPartners LTD >Confidential: no >Synopsis: getaddrinfo in src/util/support/fake-addrinfo.c causes leak >Severity: non-critical >Priority: medium >Category: krb5-libs >Class: sw-bug >Release: 1.7 >Environment: System: Linux fever 2.6.30 #2 SMP Thu Jun 18 19:35:55 CEST 2009 i686 GNU/Linux >Description: The function whose name was given in the synopsis contains a workaround for a history problem with the glibc getaddrinfo: Linux libc version 6 (libc-2.2.4.so on Debian) is broken. [...] The glibc 2.2.5 sources indicate that the canonical name is *not* allocated separately, it's just some extra storage tacked on the end of the addrinfo structure. So, let's try this approach: If getaddrinfo sets ai_canonname, we'll replace the *first* one with allocated storage, This issue was fixed by Ulrich Drepper on 2004/08/17, cf http://sourceware.org/git/?p=glibc.git;a=commit;f=ChangeLog;h=b93437642453ab93f7da79a15ca29cc66048e828 which implies that the ai_canonname-member has been allocated via strdup at least since glibc release 2.3.4. The workaround mentionedc above overwrites this allocated name with a newly allocated one, causing a memory leak. >How-To-Repeat: use krb5_sname_to_princiapal >Fix: A somewhat crude way to fix this issues is provided by the patch below (the warning is there because I didn't find the patchlevel anywhere in the glibc includes, but need this for 2.3.6) diff -pru krb5-1.7.orig/src/util/support/fake-addrinfo.c krb5-1.7/src/util/support/fake-addrinfo.c --- krb5-1.7.orig/src/util/support/fake-addrinfo.c 2008-12-01 18:09:59.000000000 +0100 +++ krb5-1.7/src/util/support/fake-addrinfo.c 2009-07-21 19:19:16.000000000 +0200 @@ -140,7 +140,13 @@ extern /*@dependent@*/ char *gai_strerro #endif #if defined (__linux__) && defined(HAVE_GETADDRINFO) +#ifdef __GLIBC_MINOR__ +#if __GLIBC_MINOR__ < 3 # define COPY_FIRST_CANONNAME +#elif __GLIBC_MINOR__ == 3 +#warning GLIBC 2.3 < 2.3.4 needs COPY_FIRST_CANONNAME +#endif +#endif #endif #ifdef _AIX From rt-comment at krbdev.mit.edu Wed Jul 22 14:55:21 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Wed, 22 Jul 2009 18:55:21 +0000 (UTC) Subject: [krbdev.mit.edu #6535] SVN Commit In-Reply-To: Message-ID: This is a jumbo pullup of multiple KfW-related changes. The are primarily build system fixes, including changes to enable building on amd64. Included are some changes from branches/kpkoch-ccapi that have not yet been merged to the trunk. Relevant RT ticket numbers include: 5817 5819 6007 http://src.mit.edu/fisheye/changelog/krb5/?cs=22445 Commit By: tlyu Revision: 22445 Changed Files: U branches/krb5-1-6/src/config/win-pre.in U branches/krb5-1-6/src/patchlevel.h U branches/krb5-1-6/src/windows/Makefile.in U branches/krb5-1-6/src/windows/build/BKWconfig.xml U branches/krb5-1-6/src/windows/build/bkw-automation.html U branches/krb5-1-6/src/windows/build/bkw.pl U branches/krb5-1-6/src/windows/build/copyfiles.pl U branches/krb5-1-6/src/windows/build/copyfiles.xml U branches/krb5-1-6/src/windows/build/corebinaryfiles.xml U branches/krb5-1-6/src/windows/build/sdkfiles.xml U branches/krb5-1-6/src/windows/identity/Makefile U branches/krb5-1-6/src/windows/identity/nidmgrdll/Makefile U branches/krb5-1-6/src/windows/identity/nidmgrdll/Makefile.w2k U branches/krb5-1-6/src/windows/identity/plugins/krb5/Makefile U branches/krb5-1-6/src/windows/identity/ui/Makefile U branches/krb5-1-6/src/windows/identity/ui/Makefile.w2k U branches/krb5-1-6/src/windows/installer/nsis/kfw-fixed.nsi U branches/krb5-1-6/src/windows/installer/nsis/nsi-includes-tagged.nsi U branches/krb5-1-6/src/windows/installer/nsis/site-local-tagged.nsi U branches/krb5-1-6/src/windows/installer/wix/custom/custom.cpp U branches/krb5-1-6/src/windows/installer/wix/features.wxi U branches/krb5-1-6/src/windows/installer/wix/files.wxi U branches/krb5-1-6/src/windows/installer/wix/platform.wxi U branches/krb5-1-6/src/windows/installer/wix/site-local-tagged.wxi U branches/krb5-1-6/src/windows/winlevel.h From rt-comment at krbdev.mit.edu Thu Jul 23 13:34:36 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 23 Jul 2009 17:34:36 +0000 (UTC) Subject: [krbdev.mit.edu #6535] SVN Commit In-Reply-To: Message-ID: Add files omitted from previous commit. (r22445) Revert accidental commit of default option values in BKWconfig.xml. http://src.mit.edu/fisheye/changelog/krb5/?cs=22449 Commit By: tlyu Revision: 22449 Changed Files: U branches/krb5-1-6/src/windows/build/BKWconfig.xml U branches/krb5-1-6/src/windows/build/bkw.pl A branches/krb5-1-6/src/windows/installer/nsis/kfw-fixed-tagged.nsi A branches/krb5-1-6/src/windows/ntsecapitest.c A branches/krb5-1-6/src/windows/ntsecapitest.pl From rt-comment at krbdev.mit.edu Thu Jul 23 13:55:05 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Thu, 23 Jul 2009 17:55:05 +0000 (UTC) Subject: [krbdev.mit.edu #6535] SVN Commit In-Reply-To: Message-ID: set eol-style properties http://src.mit.edu/fisheye/changelog/krb5/?cs=22450 Commit By: tlyu Revision: 22450 Changed Files: UU branches/krb5-1-6/src/windows/installer/nsis/kfw-fixed-tagged.nsi _U branches/krb5-1-6/src/windows/ntsecapitest.c _U branches/krb5-1-6/src/windows/ntsecapitest.pl From rt-comment at krbdev.mit.edu Fri Jul 24 14:22:00 2009 From: rt-comment at krbdev.mit.edu (Tom Yu via RT) Date: Fri, 24 Jul 2009 18:22:00 +0000 (UTC) Subject: [krbdev.mit.edu #6536] SVN Commit In-Reply-To: Message-ID: pull up r21902, r21917, r21918, r21919 to improve C++ compatibility and to enable Windows compilation. ------------------------------------------------------------------------ r21919 | raeburn | 2009-02-09 11:36:09 -0500 (Mon, 09 Feb 2009) | 3 lines Check C++ compatibility for some internal headers that may (now or in the future) be used in C++ code on Windows. ------------------------------------------------------------------------ r21918 | raeburn | 2009-02-09 11:35:01 -0500 (Mon, 09 Feb 2009) | 3 lines More C++ compatibility: Don't use "typedef struct tag *tag"; rename the tag and keep the same typedefname. ------------------------------------------------------------------------ r21917 | raeburn | 2009-02-09 11:28:29 -0500 (Mon, 09 Feb 2009) | 3 lines C++ compatibility fix -- g++ says "types may not be defined in casts", so do the gcc unaligned-struct trick only for C, not C++. ------------------------------------------------------------------------ r21902 | raeburn | 2009-02-05 16:56:21 -0500 (Thu, 05 Feb 2009) | 2 lines use casts, for c++ compilation on windows http://src.mit.edu/fisheye/changelog/krb5/?cs=22455 Commit By: tlyu Revision: 22455 Changed Files: U branches/krb5-1-7/src/include/k5-int.h U branches/krb5-1-7/src/include/k5-ipc_stream.h U branches/krb5-1-7/src/include/k5-platform.h U branches/krb5-1-7/src/tests/misc/Makefile.in A branches/krb5-1-7/src/tests/misc/test_cxx_k5int.cpp U branches/krb5-1-7/src/util/support/ipc_stream.c From rt-comment at krbdev.mit.edu Sat Jul 25 12:05:18 2009 From: rt-comment at krbdev.mit.edu (Sam Hartman via RT) Date: Sat, 25 Jul 2009 16:05:18 +0000 (UTC) Subject: [krbdev.mit.edu #6537] Please provide a way for administrators to determine the KDC of a realm In-Reply-To: Message-ID: I am trying to resolve an instance where Samba 3 uses an internal MIT symbol. They want to provide a way for administrators to find out what the KDCs of a given realm are. This ends up being useful in debugging. Jelmer agrees that Samba should not provide that functionality: it is a Kerberos matter. However, we both believe that you want a way to get that info. It would be nice if MIT and Heimdal had a similar or identical command line interface to get this information. From rt-comment at krbdev.mit.edu Sun Jul 26 03:32:12 2009 From: rt-comment at krbdev.mit.edu (Ken Raeburn via RT) Date: Sun, 26 Jul 2009 07:32:12 +0000 (UTC) Subject: [krbdev.mit.edu #1620] should have option to randomize salt at pw change In-Reply-To: Message-ID: See also http://k5wiki.kerberos.org/wiki/Projects/Random_Salt_Generation for a more detailed proposal and some analysis. From rt-comment at krbdev.mit.edu Wed Jul 29 12:10:36 2009 From: rt-comment at krbdev.mit.edu (Greg Hudson via RT) Date: Wed, 29 Jul 2009 16:10:36 +0000 (UTC) Subject: [krbdev.mit.edu #6539] SVN Commit In-Reply-To: Message-ID: In the processing code for enctype lists, add support for "DEFAULT" to indicate the default list, for families (des/des3/aes/rc4), and for removing entries from the current list (-foo). Also add unit tests and document. http://src.mit.edu/fisheye/changelog/krb5/?cs=22469 Commit By: ghudson Revision: 22469 Changed Files: U trunk/doc/admin.texinfo U trunk/doc/support-enc.texinfo U trunk/src/include/k5-int.h U trunk/src/lib/krb5/krb/Makefile.in U trunk/src/lib/krb5/krb/init_ctx.c A trunk/src/lib/krb5/krb/t_etypes.c From rt-comment at krbdev.mit.edu Wed Jul 29 21:07:04 2009 From: rt-comment at krbdev.mit.edu (Ezra Peisach via RT) Date: Thu, 30 Jul 2009 01:07:04 +0000 (UTC) Subject: [krbdev.mit.edu #6539] SVN Commit In-Reply-To: Message-ID: Fix memory leak by release context at end of test code. http://src.mit.edu/fisheye/changelog/krb5/?cs=22470 Commit By: epeisach Revision: 22470 Changed Files: U trunk/src/lib/krb5/krb/t_etypes.c From rt-comment at krbdev.mit.edu Thu Jul 30 13:12:21 2009 From: rt-comment at krbdev.mit.edu (Ezra Peisach via RT) Date: Thu, 30 Jul 2009 17:12:21 +0000 (UTC) Subject: [krbdev.mit.edu #6540] SVN Commit In-Reply-To: Message-ID: Free the krb5_context at the end to release memory. http://src.mit.edu/fisheye/changelog/krb5/?cs=22473 Commit By: epeisach Revision: 22473 Changed Files: U trunk/src/lib/krb5/krb/t_authdata.c From rt-comment at krbdev.mit.edu Thu Jul 30 13:22:30 2009 From: rt-comment at krbdev.mit.edu (Ezra Peisach via RT) Date: Thu, 30 Jul 2009 17:22:30 +0000 (UTC) Subject: [krbdev.mit.edu #6541] SVN Commit In-Reply-To: Message-ID: k5_pac_verify_server_checksum was leaking memory when the checksum was valid. t_pac.c: Fix memory leak by forgetting to release memory. http://src.mit.edu/fisheye/changelog/krb5/?cs=22474 Commit By: epeisach Revision: 22474 Changed Files: U trunk/src/lib/krb5/krb/pac.c U trunk/src/lib/krb5/krb/t_pac.c From rt-comment at krbdev.mit.edu Thu Jul 30 15:06:38 2009 From: rt-comment at krbdev.mit.edu (Greg Hudson via RT) Date: Thu, 30 Jul 2009 19:06:38 +0000 (UTC) Subject: [krbdev.mit.edu #6533] SVN Commit In-Reply-To: Message-ID: Include in k5-platform.h, since we use assertions in some of the macros defined there, as well as in many source files which do not themselves include . Report and fix by Rainer Weikusat. http://src.mit.edu/fisheye/changelog/krb5/?cs=22475 Commit By: ghudson Revision: 22475 Changed Files: U trunk/src/include/k5-platform.h