From noreply at github.com Sat Apr 1 01:58:00 2017 From: noreply at github.com (GitHub) Date: Fri, 31 Mar 2017 16:58:00 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 707b23: Further improvements to issuid() Message-ID: <58deed08885d5_26983fbfdb6a5c2c9131a@hookshot-fe3-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 707b2372d2e95f17cfa3d095b914d8a2d00b8131 https://github.com/heimdal/heimdal/commit/707b2372d2e95f17cfa3d095b914d8a2d00b8131 Author: Nicolas Williams Date: 2017-03-31 (Fri, 31 Mar 2017) Changed paths: M configure.ac M lib/roken/issuid.c M lib/roken/roken.h.in M lib/roken/version-script.map Log Message: ----------- Further improvements to issuid() Commit: f867a12aa9cecccadbe99933e50538e220bff29d https://github.com/heimdal/heimdal/commit/f867a12aa9cecccadbe99933e50538e220bff29d Author: Nicolas Williams Date: 2017-03-31 (Fri, 31 Mar 2017) Changed paths: M lib/roken/Makefile.am A lib/roken/test-auxval.c Log Message: ----------- Test rk_get*auxval() Compare: https://github.com/heimdal/heimdal/compare/26a0332e3c68...f867a12aa9ce From noreply at github.com Thu Apr 13 22:27:00 2017 From: noreply at github.com (GitHub) Date: Thu, 13 Apr 2017 13:27:00 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] d7bf24: Fix transit path validation CVE-2017-6594 Message-ID: <58efdf14926b4_54bb3fb04d777c38192679@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/heimdal-7-1-branch Home: https://github.com/heimdal/heimdal Commit: d7bf245e793a9f9ec565e07dae9372597c0ece69 https://github.com/heimdal/heimdal/commit/d7bf245e793a9f9ec565e07dae9372597c0ece69 Author: Viktor Dukhovni Date: 2017-04-11 (Tue, 11 Apr 2017) Changed paths: M NEWS M kdc/krb5tgs.c M tests/kdc/check-kdc.in M tests/kdc/krb5.conf.in Log Message: ----------- Fix transit path validation CVE-2017-6594 Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With the bug some incomplete [capaths] worked, that should not have. These may now break authentication in some cross-realm configurations. Commit: 40d4229585ec17a9c051605aad7dd5d9e8831256 https://github.com/heimdal/heimdal/commit/40d4229585ec17a9c051605aad7dd5d9e8831256 Author: Nicolas Williams Date: 2017-04-11 (Tue, 11 Apr 2017) Changed paths: M configure.ac M windows/NTMakefile.version Log Message: ----------- Bump versions for upcoming Heimdal 7.3.0 release Compare: https://github.com/heimdal/heimdal/compare/622ab5feac72...40d4229585ec From noreply at github.com Thu Apr 13 22:27:06 2017 From: noreply at github.com (GitHub) Date: Thu, 13 Apr 2017 13:27:06 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] Message-ID: <58efdf1a9549b_12e953fdfd07abc24106358@hookshot-fe-6dbb0c4.cp1-iad.github.net.mail> Branch: refs/tags/heimdal-7.3.0 Home: https://github.com/heimdal/heimdal From noreply at github.com Fri Apr 14 01:07:03 2017 From: noreply at github.com (GitHub) Date: Thu, 13 Apr 2017 16:07:03 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] d5dd5a: Update NEWS for Heimdal 7.2 Message-ID: <58f00497bbe_57033fa212f8bc381344fe@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: d5dd5aab19f16218271adb616de6bb6118a529b3 https://github.com/heimdal/heimdal/commit/d5dd5aab19f16218271adb616de6bb6118a529b3 Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M NEWS Log Message: ----------- Update NEWS for Heimdal 7.2 Commit: b1e699103f08d6a0ca46a122193c9da65f6cf837 https://github.com/heimdal/heimdal/commit/b1e699103f08d6a0ca46a122193c9da65f6cf837 Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M NEWS M kdc/krb5tgs.c M tests/kdc/check-kdc.in M tests/kdc/krb5.conf.in Log Message: ----------- Fix transit path validation CVE-2017-6594 Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With the bug some incomplete [capaths] worked, that should not have. These may now break authentication in some cross-realm configurations. Compare: https://github.com/heimdal/heimdal/compare/f867a12aa9ce...b1e699103f08 From noreply at github.com Fri Apr 14 01:11:54 2017 From: noreply at github.com (GitHub) Date: Thu, 13 Apr 2017 16:11:54 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] f468c2: Use actual Ticket to construct AP-REQ Message-ID: <58f005ba6719e_2a083fbde6f35c3023422b@hookshot-fe5-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: f468c2fed1006b1a779e0bffe7e3d7d8af535972 https://github.com/heimdal/heimdal/commit/f468c2fed1006b1a779e0bffe7e3d7d8af535972 Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M lib/krb5/build_ap_req.c Log Message: ----------- Use actual Ticket to construct AP-REQ When the cred passed krb5_build_ap_req() has a different name for the actual ticket (e.g., because the entry came from a ccache with an alias name as the entry name) then we were putting a Ticket on the wire with the name from the cred rather than from the Ticket in the cred. We don't think this is intended or desirable. The server should see the Ticket _exactly_ as minted by the KDC. Perhaps AP-REQ should have used an OCTET STRING to contain the Ticket given that Ticket is a PDU, which would make a byte-for-byte copy trivial, but as it is it uses Ticket instead. Therefore this commit has it decode the Ticket from the cred and then C struct assign that value to the AP-REP's ticket field -- this then copies the Ticket as exactly as vended. Commit: 10f3ab0f2abd6509db7eb8972d870c2fb39aecca https://github.com/heimdal/heimdal/commit/10f3ab0f2abd6509db7eb8972d870c2fb39aecca Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M lib/krb5/get_cred.c Log Message: ----------- Never store TGT "aliases" When obtaining a remote TGT krbtgt/REALM2 at REALM2, an intermediate cross-realm TGT obtained for krbtgt/REALM2 at REALM1 is not equivalent to the TGT we seek, and must not be stored under its name. Commit: a4fb8984dd496b70adee48e71df856eb9be7712b https://github.com/heimdal/heimdal/commit/a4fb8984dd496b70adee48e71df856eb9be7712b Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M lib/krb5/get_cred.c Log Message: ----------- Do not ignore realm when checking for expected ticket or referral Commit: 1c6e1d5b1a32a34ba0881e615ca5df566fd64549 https://github.com/heimdal/heimdal/commit/1c6e1d5b1a32a34ba0881e615ca5df566fd64549 Author: Viktor Dukhovni Date: 2017-04-13 (Thu, 13 Apr 2017) Changed paths: M lib/krb5/get_cred.c Log Message: ----------- Improve referral processing for TGTs When using referrals to obtain krbtgt/A at B we're really looking for a path to krbtgt/B first, and only then a ticket for krbtgt/A. Compare: https://github.com/heimdal/heimdal/compare/b1e699103f08...1c6e1d5b1a32 From noreply at github.com Fri Apr 14 21:26:55 2017 From: noreply at github.com (GitHub) Date: Fri, 14 Apr 2017 12:26:55 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] c7f54a: Fix error in last-minute tgt referral tweak Message-ID: <58f1227f7aeb9_704b3f9b31b9dc44150814@hookshot-fe1-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: c7f54ae85a6fdfa672af777763a3b6182e0d9d6f https://github.com/heimdal/heimdal/commit/c7f54ae85a6fdfa672af777763a3b6182e0d9d6f Author: Viktor Dukhovni Date: 2017-04-14 (Fri, 14 Apr 2017) Changed paths: M lib/krb5/get_cred.c Log Message: ----------- Fix error in last-minute tgt referral tweak From noreply at github.com Tue Apr 18 00:02:32 2017 From: noreply at github.com (GitHub) Date: Mon, 17 Apr 2017 15:02:32 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 650ffd: Revamp lib/roken/getauxval.c Message-ID: <58f53b785c1c9_23ad3fd861035c2c2086f8@hookshot-fe5-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 650ffdc9644ca82c0ae241276244be39c33dd67f https://github.com/heimdal/heimdal/commit/650ffdc9644ca82c0ae241276244be39c33dd67f Author: Nicolas Williams Date: 2017-04-17 (Mon, 17 Apr 2017) Changed paths: M cf/roken-frag.m4 M lib/roken/Makefile.am M lib/roken/NTMakefile A lib/roken/getauxval.c A lib/roken/getauxval.h M lib/roken/roken.h.in M lib/roken/test-auxval.c M lib/roken/version-script.map Log Message: ----------- Revamp lib/roken/getauxval.c Commit: 90110f5553753b06bb7870136c303e5d8580b1be https://github.com/heimdal/heimdal/commit/90110f5553753b06bb7870136c303e5d8580b1be Author: Nicolas Williams Date: 2017-04-17 (Mon, 17 Apr 2017) Changed paths: M lib/roken/issuid.c M lib/roken/test-auxval.c Log Message: ----------- Revamp issuid() Commit: cf4efe8de689927b1e4edaeeec3772cbe2d5a234 https://github.com/heimdal/heimdal/commit/cf4efe8de689927b1e4edaeeec3772cbe2d5a234 Author: Nicolas Williams Date: 2017-04-17 (Mon, 17 Apr 2017) Changed paths: M cf/roken-frag.m4 M lib/roken/Makefile.am M lib/roken/NTMakefile M lib/roken/roken.h.in A lib/roken/secure_getenv.c A lib/roken/secure_getenv.h M lib/roken/test-auxval.c M lib/roken/version-script.map Log Message: ----------- Add secure_getenv.c Commit: 7dfad1ab0b25cc99d58e1d2f5d41a9a5d392eaa9 https://github.com/heimdal/heimdal/commit/7dfad1ab0b25cc99d58e1d2f5d41a9a5d392eaa9 Author: Nicolas Williams Date: 2017-04-17 (Mon, 17 Apr 2017) Changed paths: M lib/gssapi/ntlm/init_sec_context.c M lib/gssapi/ntlm/kdc.c M lib/gssapi/spnego/accept_sec_context.c M lib/hcrypto/evp-pkcs11.c M lib/hcrypto/rand.c M lib/hx509/softp11.c M lib/kafs/afssys.c M lib/krb5/cache.c M lib/krb5/config_file.c M lib/krb5/context.c M lib/krb5/expand_path.c M lib/krb5/keytab.c M lib/roken/write_pid.c Log Message: ----------- Use secure_getenv() instead of issuid() Commit: 63a4c0d665be22c51e14ebc38454b269afce747e https://github.com/heimdal/heimdal/commit/63a4c0d665be22c51e14ebc38454b269afce747e Author: Nicolas Williams Date: 2017-04-17 (Mon, 17 Apr 2017) Changed paths: M appl/su/su.c Log Message: ----------- su also doesn't need issuid() Compare: https://github.com/heimdal/heimdal/compare/c7f54ae85a6f...63a4c0d665be From noreply at github.com Tue Apr 18 17:04:58 2017 From: noreply at github.com (GitHub) Date: Tue, 18 Apr 2017 08:04:58 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 69bb29: Fix check-iprop race Message-ID: <58f62b1a94494_705b3fd894a91c381755a6@hookshot-fe1-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 69bb29ea29ad512f27862f6d9e2255e5e8ed60e9 https://github.com/heimdal/heimdal/commit/69bb29ea29ad512f27862f6d9e2255e5e8ed60e9 Author: Viktor Dukhovni Date: 2017-04-18 (Tue, 18 Apr 2017) Changed paths: M tests/kdc/check-iprop.in Log Message: ----------- Fix check-iprop race Creation of a random key HDB entry takes 3 updates, not one. Instead of hard-coding this magic count, wait for the appearance of the expected entry with no "invalid" flag among its attributes. From noreply at github.com Tue Apr 18 22:23:03 2017 From: noreply at github.com (GitHub) Date: Tue, 18 Apr 2017 13:23:03 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 3d3ac9: Fix check-iprop race Message-ID: <58f675a7e8391_303a3fefe8047c44131120@hookshot-fe5-cp1-prd.iad.github.net.mail> Branch: refs/heads/heimdal-7-1-branch Home: https://github.com/heimdal/heimdal Commit: 3d3ac96b9c7bfab0d9e2feaf13eed61a5a5baeb8 https://github.com/heimdal/heimdal/commit/3d3ac96b9c7bfab0d9e2feaf13eed61a5a5baeb8 Author: Viktor Dukhovni Date: 2017-04-18 (Tue, 18 Apr 2017) Changed paths: M tests/kdc/check-iprop.in Log Message: ----------- Fix check-iprop race Creation of a random key HDB entry takes 3 updates, not one. Instead of hard-coding this magic count, wait for the appearance of the expected entry with no "invalid" flag among its attributes. (cherry picked from commit 69bb29ea29ad512f27862f6d9e2255e5e8ed60e9) From noreply at github.com Tue Apr 18 23:54:50 2017 From: noreply at github.com (GitHub) Date: Tue, 18 Apr 2017 14:54:50 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] c02af7: Avoid another potential check-iprop race. Message-ID: <58f68b2a54da8_589b3f9eb2309c34193684@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: c02af7b3bbf0e8ba0fe32d29812b71b15dfb6fb4 https://github.com/heimdal/heimdal/commit/c02af7b3bbf0e8ba0fe32d29812b71b15dfb6fb4 Author: Viktor Dukhovni Date: 2017-04-18 (Tue, 18 Apr 2017) Changed paths: M tests/kdc/check-iprop.in Log Message: ----------- Avoid another potential check-iprop race. Though a race was never observed, the re-sync, slave DB deletion, master changes and restart did not take into account late changes in the master before slave down. From noreply at github.com Tue Apr 18 23:56:51 2017 From: noreply at github.com (GitHub) Date: Tue, 18 Apr 2017 14:56:51 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] ce3e80: Avoid another potential check-iprop race. Message-ID: <58f68ba38ee6d_61763faa7ebd3c3420017d@hookshot-fe6-cp1-prd.iad.github.net.mail> Branch: refs/heads/heimdal-7-1-branch Home: https://github.com/heimdal/heimdal Commit: ce3e80c72a58aeae5298aea9c4e5ee4719e95b76 https://github.com/heimdal/heimdal/commit/ce3e80c72a58aeae5298aea9c4e5ee4719e95b76 Author: Viktor Dukhovni Date: 2017-04-18 (Tue, 18 Apr 2017) Changed paths: M tests/kdc/check-iprop.in Log Message: ----------- Avoid another potential check-iprop race. Though a race was never observed, the re-sync, slave DB deletion, master changes and restart did not take into account late changes in the master before slave down. (cherry picked from commit c02af7b3bbf0e8ba0fe32d29812b71b15dfb6fb4) From noreply at github.com Mon Apr 24 23:47:38 2017 From: noreply at github.com (GitHub) Date: Mon, 24 Apr 2017 14:47:38 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] dcd3e4: kinit: fix 13c8a2c2124ba1a9af53e64304d4ca9b1e809db... Message-ID: <58fe727a67238_2e4d53fe5292d9c3840819@hookshot-fe-6dbb0c4.cp1-iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: dcd3e45e026a26f5dd2bf35314c3ee29505d6e6b https://github.com/heimdal/heimdal/commit/dcd3e45e026a26f5dd2bf35314c3ee29505d6e6b Author: Jeffrey Altman Date: 2017-04-24 (Mon, 24 Apr 2017) Changed paths: M kuser/kinit.c Log Message: ----------- kinit: fix 13c8a2c2124ba1a9af53e64304d4ca9b1e809dbc In 13c8a2c2124ba1a9af53e64304d4ca9b1e809dbc permits fclose() to be issued on 'stdin' and forgets to use the N_() macro for text strings. Change-Id: I5e9ac1354da8dcff5277c39e4784a768ad76afdd From noreply at github.com Tue Apr 25 17:23:00 2017 From: noreply at github.com (GitHub) Date: Tue, 25 Apr 2017 08:23:00 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 2e0193: krb5_kt_next_entry() needs to operate on a zero'd ... Message-ID: <58ff69d42429c_6e0f3ff54b5b1c3010187e@hookshot-fe5-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 2e01930cf719d741e31823b61778128a3d982831 https://github.com/heimdal/heimdal/commit/2e01930cf719d741e31823b61778128a3d982831 Author: Roland C. Dowdeswell Date: 2017-04-25 (Tue, 25 Apr 2017) Changed paths: M lib/krb5/keytab.c Log Message: ----------- krb5_kt_next_entry() needs to operate on a zero'd krb5_keytab_entry. From noreply at github.com Sat Apr 29 07:15:18 2017 From: noreply at github.com (GitHub) Date: Fri, 28 Apr 2017 22:15:18 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 18f311: roken: fix rk_getauxval missing stack variable Message-ID: <59042166ae835_72e33f928f5c7c34813be@hookshot-fe3-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 18f3115f78c82ec9fa8a1688c7a1309332d74678 https://github.com/heimdal/heimdal/commit/18f3115f78c82ec9fa8a1688c7a1309332d74678 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M lib/roken/getauxval.c Log Message: ----------- roken: fix rk_getauxval missing stack variable if defined(HAVE_GETAUXVAL) && !defined(GETAUXVAL_SETS_ERRNO) the stack variable declaration for 'a' is missing: const auxv_t *a Declare 'a' so that Heimdal can build again. Change-Id: If64dd497f240688b76f3dd6139ac68c2ff149a0e Commit: 85acd57c8a288ce92f42bcf62737eebe385bce90 https://github.com/heimdal/heimdal/commit/85acd57c8a288ce92f42bcf62737eebe385bce90 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M lib/base/error.c Log Message: ----------- base: fix error_cmp Fix the numeric error value comparison performed by error_cmp(). Identified by AppChecker and previously fixed by Darwin. Change-Id: I0a72fd381bef0b34b7e7d155bfff03ab4196d38e Commit: 93518bfab4e495bf4130be354464965e48a786c0 https://github.com/heimdal/heimdal/commit/93518bfab4e495bf4130be354464965e48a786c0 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M appl/su/su.c M kadmin/cpw.c M kadmin/random_password.c M kuser/kinit.c M lib/gssapi/krb5/arcfour.c M lib/gssapi/krb5/get_mic.c M lib/gssapi/krb5/verify_mic.c M lib/gssapi/ntlm/init_sec_context.c M lib/hcrypto/md2.c M lib/hcrypto/rand-fortuna.c M lib/hdb/mkey.c M lib/hx509/ks_file.c M lib/krb5/crypto-arcfour.c M lib/krb5/crypto-des-common.c M lib/krb5/crypto-pk.c M lib/krb5/deprecated.c M lib/krb5/init_creds_pw.c M lib/krb5/kcm.c M lib/krb5/salt-des.c M lib/krb5/salt-des3.c M lib/ntlm/ntlm.c Log Message: ----------- use memset_s lib roken includes support for memset_s() but it was not applied to the Heimdal source tree. Change-Id: I8362ec97a9be50205bb2d398e65b629b88ce1acd Commit: 12afd9c4b76ba11952b63e8bf7059a1f30b2a964 https://github.com/heimdal/heimdal/commit/12afd9c4b76ba11952b63e8bf7059a1f30b2a964 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M kdc/hpropd.c M lib/hx509/hxtool.c Log Message: ----------- include field separators in comparison When comparing the first component of a multi-component string that uses a field separator (e.g., '/' or ':'), be sure to include the separator in the comparison to ensure that the comparison does not succeed due to a prefix match. Change-Id: Ieec3e73cb015a83bb652ec11cd7d83e57755c3d2 Commit: 02ea07f93d34bbdff79c5e3968b3d51d3bec54d9 https://github.com/heimdal/heimdal/commit/02ea07f93d34bbdff79c5e3968b3d51d3bec54d9 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M lib/gssapi/test_context.c Log Message: ----------- gssapi: remove dead code Remove assignment of a variable to itself. Identified by AppChecker. Change-Id: I94012849d8200dc91394a8548e72c61404d7e5b6 Compare: https://github.com/heimdal/heimdal/compare/2e01930cf719...02ea07f93d34 From noreply at github.com Sat Apr 29 19:55:40 2017 From: noreply at github.com (GitHub) Date: Sat, 29 Apr 2017 10:55:40 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 029d32: fix calls to memset_s Message-ID: <5904d39c6045e_66603fa49c919c3842780@hookshot-fe2-cp1-prd.iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 029d32580a3b04550ff736d8878d331dcfca864f https://github.com/heimdal/heimdal/commit/029d32580a3b04550ff736d8878d331dcfca864f Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M kadmin/random_password.c M lib/krb5/salt-des3.c Log Message: ----------- fix calls to memset_s In random_password() and DES3_string_to_key(), do not call memset_s() with the sizeof a pointer. Change-Id: I7dd49b9f717e1cb5c262f2d375d2b85be82cd2db Commit: cb1ab5b5fc8237705e82a56350e4ef25349576ae https://github.com/heimdal/heimdal/commit/cb1ab5b5fc8237705e82a56350e4ef25349576ae Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M lib/roken/getauxval.c Log Message: ----------- roken: refactor rk_getauxval Refactor rk_getauxval() to remove duplicate code and to ensure that a value is always returned. Change-Id: I3b452dbc11802169e2c96e7ad16e714e7a880450 Compare: https://github.com/heimdal/heimdal/compare/02ea07f93d34...cb1ab5b5fc82 From noreply at github.com Sat Apr 29 21:30:41 2017 From: noreply at github.com (GitHub) Date: Sat, 29 Apr 2017 12:30:41 -0700 Subject: [Heimdal-source-changes] [heimdal/heimdal] 6f3ab0: check return copy_Realm, copy_PrincipalName, copy_... Message-ID: <5904e9e1add7d_aea83f84ee253c2888916@hookshot-fe-6dbb0c4.cp1-iad.github.net.mail> Branch: refs/heads/master Home: https://github.com/heimdal/heimdal Commit: 6f3ab01c757a2ec66e6550a133f424955ad8a398 https://github.com/heimdal/heimdal/commit/6f3ab01c757a2ec66e6550a133f424955ad8a398 Author: Jeffrey Altman Date: 2017-04-29 (Sat, 29 Apr 2017) Changed paths: M kdc/kerberos5.c M kdc/krb5tgs.c M kuser/kimpersonate.c M lib/krb5/build_auth.c M lib/krb5/get_for_creds.c M lib/krb5/rd_cred.c Log Message: ----------- check return copy_Realm, copy_PrincipalName, copy_EncryptionKey The ASN.1 functions copy_Realm(), copy_PrincipalName() and copy_EncryptionKey() can fail. Check the return and perform error handling as appropriate. Change-Id: I2b3629d19db96eb41d1cd554cef1dca99745e753