From noreply at github.com Sat Feb 6 00:24:32 2016 From: noreply at github.com (GitHub) Date: Fri, 05 Feb 2016 15:24:32 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 6b5933: Fix parallel build Message-ID: <56b52f306f964_e5d3ffaf53072a0204880@hookshot-fe2-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 6b5933337bc9967968713276ef47cc1444b99eee https://github.com/heimdal/heimdal/commit/6b5933337bc9967968713276ef47cc1444b99eee Author: Brian May Date: 2016-02-05 (Fri, 05 Feb 2016) Changed paths: M kdc/Makefile.am Log Message: ----------- Fix parallel build Fix problem due to missing makefile dependency on a generated file. See http://bugs.debian.org/800728 for details Signed-off-by: Nicolas Williams From noreply at github.com Sat Feb 6 01:54:26 2016 From: noreply at github.com (GitHub) Date: Fri, 05 Feb 2016 16:54:26 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 33ce59: gss_wrap/gss_unwrap_aead implementation Message-ID: <56b544421263c_12793fbf592712a087797@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 33ce593b6df4fda9f17fb7e2f69eea36143a09c0 https://github.com/heimdal/heimdal/commit/33ce593b6df4fda9f17fb7e2f69eea36143a09c0 Author: Luke Howard Date: 2016-02-05 (Fri, 05 Feb 2016) Changed paths: M lib/gssapi/gssapi/gssapi.h M lib/gssapi/libgssapi-exports.def M lib/gssapi/mech/gss_aeap.c M lib/gssapi/test_context.c M lib/gssapi/version-script.map Log Message: ----------- gss_wrap/gss_unwrap_aead implementation Signed-off-by: Nicolas Williams From noreply at github.com Fri Feb 26 08:05:49 2016 From: noreply at github.com (GitHub) Date: Thu, 25 Feb 2016 23:05:49 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] ec2204: Use volatile to keep ct_memcmp() ct Message-ID: <56cff94d52a0a_21503fc0746a72b844873@hookshot-fe1-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: ec2204f435c7a37b3a40430a3964d86120e1b385 https://github.com/heimdal/heimdal/commit/ec2204f435c7a37b3a40430a3964d86120e1b385 Author: Nicolas Williams Date: 2016-02-16 (Tue, 16 Feb 2016) Changed paths: M lib/roken/ct.c M lib/roken/roken-common.h Log Message: ----------- Use volatile to keep ct_memcmp() ct Commit: e4b61df46f860e99cb9c5b244999ec0afee00566 https://github.com/heimdal/heimdal/commit/e4b61df46f860e99cb9c5b244999ec0afee00566 Author: Nicolas Williams Date: 2016-02-16 (Tue, 16 Feb 2016) Changed paths: M lib/roken/parse_time-test.c Log Message: ----------- Test parse_time() with minutes Commit: b1af99aa818e0b717c4d3f5b84a52d3e0dbf5c4f https://github.com/heimdal/heimdal/commit/b1af99aa818e0b717c4d3f5b84a52d3e0dbf5c4f Author: Nicolas Williams Date: 2016-02-16 (Tue, 16 Feb 2016) Changed paths: M lib/kadm5/set_keys.c Log Message: ----------- Fix memleak in lib/kadm5/set_keys.c Commit: 76965a2a14e6c0bf8085a0cece8fd74b89618af3 https://github.com/heimdal/heimdal/commit/76965a2a14e6c0bf8085a0cece8fd74b89618af3 Author: Nicolas Williams Date: 2016-02-16 (Tue, 16 Feb 2016) Changed paths: M lib/hdb/ext.c M lib/hdb/keys.c M lib/kadm5/chpass_s.c M lib/kadm5/modify_s.c M lib/kadm5/randkey_s.c M lib/kadm5/set_keys.c Log Message: ----------- Add missing initialization of mandatory Commit: 0271b171e5331f0f562319b887f5f0b058ecc9b4 https://github.com/heimdal/heimdal/commit/0271b171e5331f0f562319b887f5f0b058ecc9b4 Author: Nicolas Williams Date: 2016-02-16 (Tue, 16 Feb 2016) Changed paths: M cf/roken-frag.m4 M lib/roken/bswap.c M lib/roken/roken.h.in M lib/roken/version-script.map Log Message: ----------- Add bswap64() Commit: 996d4c5db3c8aee10b7496591db13f52a575cef5 https://github.com/heimdal/heimdal/commit/996d4c5db3c8aee10b7496591db13f52a575cef5 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/krb5/libkrb5-exports.def.in M lib/krb5/store-int.c M lib/krb5/store.c M lib/krb5/version-script.map Log Message: ----------- Add krb5_ret/store_[u]int64() Commit: abafa0a0a0f95054e92b7f8602a8cae7ea8e3b6c https://github.com/heimdal/heimdal/commit/abafa0a0a0f95054e92b7f8602a8cae7ea8e3b6c Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/krb5/store_fd.c M lib/krb5/store_sock.c Log Message: ----------- krb5_storage_free(): preserve errno Commit: 96859fe687aefc3cf0005fb57d565fd86c651606 https://github.com/heimdal/heimdal/commit/96859fe687aefc3cf0005fb57d565fd86c651606 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M cf/maybe-valgrind.sh Log Message: ----------- maybe-valgrind.sh: don't --trace-children=yes Commit: d1fcf3dc67abe048e1bf8e92e0b7c40886fdc1bd https://github.com/heimdal/heimdal/commit/d1fcf3dc67abe048e1bf8e92e0b7c40886fdc1bd Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/ipropd_master.c Log Message: ----------- ipropd_master: fix dump bug Commit: 5ee7209f6e9541e17dc9040d4140a4246bfdd7ee https://github.com/heimdal/heimdal/commit/5ee7209f6e9541e17dc9040d4140a4246bfdd7ee Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kadmin/init.c Log Message: ----------- kadmin init: init iprop log Commit: 7df165003a1764a3fa53cce49ac2b3cbc842ed08 https://github.com/heimdal/heimdal/commit/7df165003a1764a3fa53cce49ac2b3cbc842ed08 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/iprop-log.c Log Message: ----------- Fix iprop-log dump leak Commit: fbc87e46fd73201676ea9f90f99a44e8dd6b0e6a https://github.com/heimdal/heimdal/commit/fbc87e46fd73201676ea9f90f99a44e8dd6b0e6a Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/hdb-sqlite.c Log Message: ----------- Fix sqlite HDB backend init bug Commit: 76c26281a708f6de31725db239368fd99b075cf6 https://github.com/heimdal/heimdal/commit/76c26281a708f6de31725db239368fd99b075cf6 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/hdb-sqlite.c Log Message: ----------- Fix sqlite HDB backend SQLITE_BUSY bug Commit: c6f24e99f099f39710671b6eecc25478508b4014 https://github.com/heimdal/heimdal/commit/c6f24e99f099f39710671b6eecc25478508b4014 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M appl/login/Makefile.am M cf/db.m4 M kadmin/Makefile.am M kdc/Makefile.am M kpasswd/Makefile.am M lib/hdb/Makefile.am M lib/hdb/db.c M lib/hdb/db3.c M lib/hdb/hdb-mdb.c M lib/hdb/hdb.c M lib/kadm5/Makefile.am M lib/otp/Makefile.am M tests/db/Makefile.am M tests/db/add-modify-delete.in M tests/db/check-aliases.in M tests/db/have-db.in M tests/db/loaddump-db.in M tests/kdc/check-iprop.in Log Message: ----------- Revamp cf/db.m4; test LMDB Commit: a94dc50114e7cb32974b14015a18d4a9fef673c4 https://github.com/heimdal/heimdal/commit/a94dc50114e7cb32974b14015a18d4a9fef673c4 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M cf/db.m4 M lib/hdb/hdb.c M tests/db/Makefile.am M tests/db/check-aliases.in M tests/db/check-dbinfo.in M tests/db/have-db.in M tests/kdc/Makefile.am M tests/kdc/check-iprop.in M tests/kdc/krb5.conf.in Log Message: ----------- Add --with-db-type-preference config param Commit: 16275048b8e9286ce7d252f73c1bb9374e1d108e https://github.com/heimdal/heimdal/commit/16275048b8e9286ce7d252f73c1bb9374e1d108e Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M cf/db.m4 M lib/hdb/hdb.c Log Message: ----------- Prefer LMDB to Berkeley DB Commit: 7eb9b46f5b9b1c956b456376108bc5a41b19343f https://github.com/heimdal/heimdal/commit/7eb9b46f5b9b1c956b456376108bc5a41b19343f Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M doc/Makefile.am M doc/NTMakefile M doc/setup.texi M doc/vars.tin M lib/krb5/krb5.conf.5 Log Message: ----------- Document HDB backends Commit: ab42f2882fb0dec27ccb71f976579ba38babf179 https://github.com/heimdal/heimdal/commit/ab42f2882fb0dec27ccb71f976579ba38babf179 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M cf/valgrind-suppressions Log Message: ----------- Update valgrind suppressions Commit: d774aeda38e24b678a5fd30f277358fd2b3f3c97 https://github.com/heimdal/heimdal/commit/d774aeda38e24b678a5fd30f277358fd2b3f3c97 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/ipropd_master.c Log Message: ----------- ipropd-master: add missing ret = Commit: 20df2c870622137b751d6b68979d503c57155274 https://github.com/heimdal/heimdal/commit/20df2c870622137b751d6b68979d503c57155274 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kadmin/init.c M kadmin/load.c M lib/hdb/common.c M lib/hdb/db.c M lib/hdb/db3.c M lib/hdb/hdb-ldap.c M lib/hdb/hdb-mitdb.c M lib/hdb/hdb-sqlite.c M lib/hdb/hdb.h M lib/kadm5/admin.h M lib/kadm5/chpass_s.c M lib/kadm5/create_s.c M lib/kadm5/delete_s.c M lib/kadm5/get_s.c M lib/kadm5/iprop-commands.in M lib/kadm5/iprop-log.8 M lib/kadm5/iprop-log.c M lib/kadm5/iprop.8 M lib/kadm5/ipropd_master.c M lib/kadm5/ipropd_slave.c M lib/kadm5/kadm5_err.et M lib/kadm5/libkadm5srv-exports.def M lib/kadm5/log.c M lib/kadm5/modify_s.c M lib/kadm5/private.h M lib/kadm5/randkey_s.c M lib/kadm5/rename_s.c M lib/kadm5/version-script.map M lib/krb5/krb5.conf.5 M lib/krb5/libkrb5-exports.def.in M lib/krb5/version-script.map M tests/kdc/check-iprop.in M tests/kdc/krb5.conf.in Log Message: ----------- Two-phase HDB commit via iprop log, + GC for log We used to update the iprop log and HDB in different orders depending on the kadm5 operation, which then led to various race conditions. The iprop log now functions as a two-phase commit (with roll forward) log for HDB changes. The log is auto-truncated, keeping the latest entries that fit in a configurable maximum number of bytes (defaults to 50MB). See the log-max-size parameter description in krb5.conf(5). The iprop log format and the protocol remain backwards-compatible with earlier versions of Heimdal. This is NOT a flag-day; there is NO need to update all the slaves at once with the master, though it is advisable in general. Rolling upgrades and downgrades should work. The sequence of updates is now (with HDB and log open and locked): a) check that the HDB operation will succeed if attempted, b) append to iprop log and fsync() it, c) write to HDB (which should fsync()), d) mark last log record committed (no fsync in this case). Every kadm5 write operation recover transactions not yet confirmed as committed, thus there can be at most one unconfirmed commit on a master KDC. Reads via kadm5_get_principal() also attempt to lock the log, and if successful, recover unconfirmed transactions; readers must have write access and must win any race to lock the iprop log. The ipropd-master daemon also attempts to recover unconfirmed transactions when idle. The log now starts with a nop record whose payload records the offset of the logical end of the log: the end of the last confirmed committed transaction. This is kown as the "uber record". Its purpose is two-fold: act as the confirmation of committed transactions, and provide an O(1) method of finding the end of the log (i.e., without having to traverse the entire log front to back). Two-phase commit makes all kadm5 writes single-operation atomic transactions (though some kadm5 operations, such as renames of principals, and changes to principals' aliases, use multiple low-level HDB write operations, but still all in one transaction). One can still hold a lock on the HDB across many operations (e.g., by using the lock command in a kadmin -l or calling kadm5_lock()) in order to push multiple transactions in sequence, but this sequence will not be atomic if the process or host crashes in the middle. As before, HDB writes which do not go through the kadm5 API are excluded from all of this, but there should be no such writes. Lastly, the iprop-log(1) command is enhanced as follows: - The dump, last-version, truncate, and replay sub-commands now have an option to not lock the log. This is useful for inspecting a running system's log file, especially on slave KDCs. - The dump, last-version, truncate, and replay sub-commands now take an optional iprop log file positional argument, so that they may be used to inspect log files other than the running system's configured/default log file. Extensive code review and some re-writing for clarity by Viktor Dukhovni. Commit: ebc1ad34ba0c1d5e4e9764b3d0503480b4be8f97 https://github.com/heimdal/heimdal/commit/ebc1ad34ba0c1d5e4e9764b3d0503480b4be8f97 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/iprop.h M lib/kadm5/ipropd_common.c M lib/kadm5/ipropd_master.c M lib/kadm5/ipropd_slave.c M lib/kadm5/log.c Log Message: ----------- ipropd-master/slave: enhancements and bug fixes - fix int/uint confusion and use unsigned integral types for time - improve messages - add --verbose option - attempt transaction recovery in ipropd-master during idle times - begin hardening daemons against dying at the slightest provocation - better recovery from various errors - daemons now restart automatically in most of the many error cases where the daemons still die Commit: dbf9750989597e4c1d539ececdb8c10ee89967de https://github.com/heimdal/heimdal/commit/dbf9750989597e4c1d539ececdb8c10ee89967de Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M tests/can/krb5.conf.in M tests/can/mit-pkinit-20070607.xf M tests/db/krb5-mit.conf.in M tests/db/krb5.conf.in M tests/gss/krb5.conf.in M tests/java/krb5.conf.in M tests/kdc/krb5-authz.conf.in M tests/kdc/krb5-authz2.conf.in M tests/kdc/krb5-canon.conf.in M tests/kdc/krb5-canon2.conf.in M tests/kdc/krb5-pkinit.conf.in M tests/kdc/krb5.conf.keys.in M tests/ldap/krb5.conf.in M tests/plugin/krb5.conf.in Log Message: ----------- Tests: set db-dir so tests don't use /var/heimdal Commit: b4cf4de80769464b558bcf4e846e488b6e2f4f4a https://github.com/heimdal/heimdal/commit/b4cf4de80769464b558bcf4e846e488b6e2f4f4a Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kdc/digest.c M kdc/kerberos5.c M kdc/pkinit.c M kuser/kinit.c M lib/hcrypto/libtommath/bn_mp_rand.c M lib/hcrypto/libtommath/demo/demo.c M lib/hcrypto/libtommath/etc/pprime.c M lib/hcrypto/libtommath/mtest/mpi.c M lib/hcrypto/libtommath/mtest/mtest.c M lib/hcrypto/libtommath/tommath.src M lib/hcrypto/libtommath/tommath.tex M lib/krb5/init_creds_pw.c M lib/krb5/rd_cred.c M lib/krb5/rd_priv.c M lib/krb5/rd_req.c M lib/krb5/rd_safe.c M lib/krb5/test_time.c M lib/krb5/ticket.c M lib/libedit/src/readline.c M lib/ntlm/ntlm.c M lib/roken/getcap.c Log Message: ----------- Fix warnings (clang 3.6) Commit: 5867aa68735744eb6bfb8d3825281c0987ec276b https://github.com/heimdal/heimdal/commit/5867aa68735744eb6bfb8d3825281c0987ec276b Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/hdb-sqlite.c Log Message: ----------- hdb-sqlite: fix error code confusion Commit: 50a45a946dc813ec4a54a01fe0ef2fc8d77dd37e https://github.com/heimdal/heimdal/commit/50a45a946dc813ec4a54a01fe0ef2fc8d77dd37e Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/hdb-sqlite.c Log Message: ----------- Fix more HDB SQLite3 issues Fix some issues reported by Jeffrey Hutzelman. Commit: 83437335625d5d3514df6b641ffd068b0758cbc8 https://github.com/heimdal/heimdal/commit/83437335625d5d3514df6b641ffd068b0758cbc8 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kadmin/server.c M tests/kdc/check-kadmin.in M tests/kdc/heimdal.acl Log Message: ----------- kadmind: check ACLs for aliases CVE-2016-2400 CVE-2016-2400 kadmind(8) was not checking for 'add' permission to aliases added via kadm5_modify_principal(). This is a security vulnerability. The impact of this vulnerability is mostly minor because most sites that use kadmind(8) generally grant roughly the same level of permissions to all administrators. However, the impact will be higher for sites that grant modify privileges to large numbers of less-privileged users. >From what we know of existing deployments of Heimdal, it seems very likely that the impact of this vulnerability will be minor for most sites. Compare: https://github.com/heimdal/heimdal/compare/33ce593b6df4...83437335625d From noreply at github.com Fri Feb 26 19:20:31 2016 From: noreply at github.com (GitHub) Date: Fri, 26 Feb 2016 10:20:31 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] f261ed: Fix ipropd_slave: no EDQUOT on WIN32 Message-ID: <56d0976f5842f_1b6d3f804cfa529c3090@hookshot-fe1-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: f261ed4f58fbe19ba97d17ace6c8445d348eb5a2 https://github.com/heimdal/heimdal/commit/f261ed4f58fbe19ba97d17ace6c8445d348eb5a2 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/ipropd_slave.c Log Message: ----------- Fix ipropd_slave: no EDQUOT on WIN32 Commit: a3885147128d4bdaf98c39f055136a1f5ff2019d https://github.com/heimdal/heimdal/commit/a3885147128d4bdaf98c39f055136a1f5ff2019d Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M doc/NTMakefile Log Message: ----------- Windows: fix two-phase commit docs Commit: 047daa077ac2a93d0d32b0be9acd216db4d3453d https://github.com/heimdal/heimdal/commit/047daa077ac2a93d0d32b0be9acd216db4d3453d Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/NTMakefile Log Message: ----------- Windows: build lib/hdb/hdb-mdb.c (LMDB) Compare: https://github.com/heimdal/heimdal/compare/83437335625d...047daa077ac2 From noreply at github.com Fri Feb 26 21:47:31 2016 From: noreply at github.com (GitHub) Date: Fri, 26 Feb 2016 12:47:31 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 579393: Optionally prune old keys when setting new keys. Message-ID: <56d0b9e32a324_2f653fec7c8dd29c11875c@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 579393c8b9951611757f52edc9b519bf153aeec2 https://github.com/heimdal/heimdal/commit/579393c8b9951611757f52edc9b519bf153aeec2 Author: Viktor Dukhovni Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/hdb/keys.c M lib/hdb/libhdb-exports.def M lib/hdb/version-script.map M lib/kadm5/Makefile.am M lib/kadm5/ad.c M lib/kadm5/common_glue.c M lib/kadm5/context_s.c M lib/kadm5/get_s.c M lib/kadm5/init_c.c M lib/kadm5/private.h A lib/kadm5/setkey3_s.c M lib/krb5/krb5.conf.5 Log Message: ----------- Optionally prune old keys when setting new keys. When new keys are added (typically via kadm5_setkey_principal_3), truncate the key history to remove old keys, that is keys older than the newest key which was in effect prior longer ago than the principal's maximum ticket lifetime. This feature is controlled via the "[kadmin]" section's "prune-key-history" boolean parameter, which defaults to false. Currently this happens only when kadm5_setkey_principal_3() is called directly on the server, the client API simulates kadm5_setkey_principal_3() via a get, update, modify sequence that does not prune the key history. The plan is to add a new kadm5 protocol RPC and convert clients to call that instead. In setkey_principal_3 seal keys after entry key update Also, for now, don't check the return value of kadm5_log_modify() in the new kadm5_s_setkey_principal_3(). This has to be addressed more globally. Censor stale keys in kadm5_s_get_principal Commit: c3eb3341c2bc853ace83b56925fe667c72c47c19 https://github.com/heimdal/heimdal/commit/c3eb3341c2bc853ace83b56925fe667c72c47c19 Author: Viktor Dukhovni Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/krb5/get_host_realm.c M tests/kdc/check-referral.in Log Message: ----------- Implement and test referrals for host:port Commit: 54d37fdba6a79956fb73c9b4d24f831fd527b36a https://github.com/heimdal/heimdal/commit/54d37fdba6a79956fb73c9b4d24f831fd527b36a Author: Viktor Dukhovni Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kdc/krb5tgs.c Log Message: ----------- Fix memory leak Commit: 8fe294d0d7feb35615d182ff84f49a24b178a468 https://github.com/heimdal/heimdal/commit/8fe294d0d7feb35615d182ff84f49a24b178a468 Author: Viktor Dukhovni Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/ipropd_slave.c Log Message: ----------- Add SO_KEEPALIVE to iprop clients (slaves) Compare: https://github.com/heimdal/heimdal/compare/047daa077ac2...8fe294d0d7fe From noreply at github.com Fri Feb 26 22:07:04 2016 From: noreply at github.com (GitHub) Date: Fri, 26 Feb 2016 13:07:04 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] eabb28: setkey_principal_3(): use the new HDB/log protocol Message-ID: <56d0be7899e22_1bc13fe7530e129c15946@hookshot-fe1-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: eabb2821c639fc28f5b31bd20c12abcb7fd888df https://github.com/heimdal/heimdal/commit/eabb2821c639fc28f5b31bd20c12abcb7fd888df Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/setkey3_s.c Log Message: ----------- setkey_principal_3(): use the new HDB/log protocol The addition of kadm5_setkey_principal_3(), and the associated kadm5_s_setkey_principal_3() missed the revamp for two-phase commit. From noreply at github.com Sat Feb 27 02:10:40 2016 From: noreply at github.com (GitHub) Date: Fri, 26 Feb 2016 17:10:40 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 1976e0: Automatically upgrade iprop logs to add uber rec Message-ID: <56d0f79047478_3f823faf4873b2c0448c@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 1976e012b848133cbb3f5349881a535f8af2cd57 https://github.com/heimdal/heimdal/commit/1976e012b848133cbb3f5349881a535f8af2cd57 Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/admin.h M lib/kadm5/kadm5_err.et M lib/kadm5/log.c Log Message: ----------- Automatically upgrade iprop logs to add uber rec We need the uber record all the time now, actually, except when merely inspecting a log file. This is important as we depend on replaying entries written to the log in order to complete the HDB writes, and if we don't have an uber record we can't do this step. Also, log_init() should cleanup on error. From noreply at github.com Sat Feb 27 05:26:06 2016 From: noreply at github.com (GitHub) Date: Fri, 26 Feb 2016 20:26:06 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 744278: Fix leak in check_aliases() Message-ID: <56d1255eae2e0_41fd3fd9825792c01362a7@hookshot-fe4-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 7442787f03db4dacda8fbf5acde111d3a416056e https://github.com/heimdal/heimdal/commit/7442787f03db4dacda8fbf5acde111d3a416056e Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M kadmin/server.c Log Message: ----------- Fix leak in check_aliases() Commit: 2d9f7257b99895df4fe97f62f845782f2a9deccf https://github.com/heimdal/heimdal/commit/2d9f7257b99895df4fe97f62f845782f2a9deccf Author: Nicolas Williams Date: 2016-02-26 (Fri, 26 Feb 2016) Changed paths: M lib/kadm5/NTMakefile Log Message: ----------- Also build setkey3_s on Windows Compare: https://github.com/heimdal/heimdal/compare/1976e012b848...2d9f7257b998 From noreply at github.com Mon Feb 29 02:34:58 2016 From: noreply at github.com (GitHub) Date: Sun, 28 Feb 2016 17:34:58 -0800 Subject: [Heimdal-source-changes] [heimdal/heimdal] 9f0e64: Revert inadvertent change Message-ID: <56d3a04254eb3_34103ffa5c6b72b896790@hookshot-fe4-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 9f0e64d5b809f9df71fc167e804de13059c913fd https://github.com/heimdal/heimdal/commit/9f0e64d5b809f9df71fc167e804de13059c913fd Author: Viktor Dukhovni Date: 2016-02-28 (Sun, 28 Feb 2016) Changed paths: M lib/roken/getcap.c Log Message: ----------- Revert inadvertent change