[Heimdal-source-changes] [heimdal/heimdal] f6400f: Improve encoding of krb5_{,un}parse_principal().

Viktor Dukhovni noreply at github.com
Sat Nov 23 10:57:17 CET 2019


  Branch: refs/heads/pull/650/head
  Home:   https://github.com/heimdal/heimdal
  Commit: f6400fdb74c3e24ca7564feb80b4cad6e021755f
      https://github.com/heimdal/heimdal/commit/f6400fdb74c3e24ca7564feb80b4cad6e021755f
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M lib/gssapi/krb5/export_name.c
    M lib/krb5/krb5.h
    M lib/krb5/principal.c

  Log Message:
  -----------
  Improve encoding of krb5_{,un}parse_principal().

By default, we encode all unprintable characters as well as the
set specified in RFC1964's section on export names.  We use unvis(3)
when parsing but open-code the unparser.  unvis(3) needed to be
slightly corrected with a macro and svis(3) would have required a
much less pleasant macro.  The out text format is almost compatible
with unvis(3) but spaces are quoted as "\ " rather than "\s".  This
is specified in RFC 1964.

We define a new constant KRB5_PRINCIPAL_UNPARSE_EXPORT_NAME which
if passed in as a flag will preserve the existing behaviour.


  Commit: e7e696295c235bd42ec9350f4a36f1eec44580d3
      https://github.com/heimdal/heimdal/commit/e7e696295c235bd42ec9350f4a36f1eec44580d3
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M lib/krb5/log.c

  Log Message:
  -----------
  We stop strnvisx(3)ing logs to FILE: by default.

Our logging framework used to strnvisx(3) each and every line
iff it is written to a FILE.  This is often unhelpful because
the line usually contains a number of elements that have already
been quoted and it makes the logs much more difficult to read in
this case.  An example is krb5_unparse_name() which will already
quote most characters that one cares about.

We change the behaviour to simply drop unprintable characters
rather than encoding them.  We thus rely on the rest of the
code to properly encode data elements written into the logs.


  Commit: b7ea4ce46ebd3ae9fbb50d34d05890589055fd17
      https://github.com/heimdal/heimdal/commit/b7ea4ce46ebd3ae9fbb50d34d05890589055fd17
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M kdc/digest-service.c
    M kdc/fast.c
    M kdc/kdc.h
    M kdc/kdc_locl.h
    M kdc/kerberos5.c
    M kdc/krb5tgs.c
    M kdc/pkinit.c
    M kdc/process.c
    M kdc/windc.c

  Log Message:
  -----------
  Generate a single summary audit line for AS/TGS.

We refactor the code a bit to extend kdc_request_t which until now
was only used for the AS.  We make the structure extensible and
start using it for the TGS as well.  We leave digest and kx509
alone for the time being.

We also define the concept of kv-pairs in our audit trail which
allows us to define a rigorous but extensible format:

type error from-addr client server key1=val1 key2=val2 ...


  Commit: 5d71f060baa4be26e21a0b1043e3a7284cc7287b
      https://github.com/heimdal/heimdal/commit/5d71f060baa4be26e21a0b1043e3a7284cc7287b
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M kdc/kerberos5.c
    M kdc/krb5tgs.c
    M kdc/windc.c

  Log Message:
  -----------
  Reduce older log messages to level 4 and collect some errors.

We take all of the kdc_log() and _kdc_r_log() calls in AS and TGS
and move their log levels down to debugging on the assumption that
our new log line subsumes the "informational" requirements.  We
collect some additional information in the kv-pair "pe-text" which
is like e-text except it is not returned to the client.


  Commit: 0c7a7322da6b20a5f3a3c7aceac80225f23eaaaf
      https://github.com/heimdal/heimdal/commit/0c7a7322da6b20a5f3a3c7aceac80225f23eaaaf
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M lib/krb5/krb5_openlog.3

  Log Message:
  -----------
  Document that log level 7 is for tracing.


  Commit: 2e7b5eb5df6d0f277e6e803100f563ac11801a69
      https://github.com/heimdal/heimdal/commit/2e7b5eb5df6d0f277e6e803100f563ac11801a69
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M kdc/kdc.h
    M kdc/process.c

  Log Message:
  -----------
  kdc/process.c: add tracing messages.


  Commit: d46dbf2f68cbe08cb58a2bf75712e4863c5c6fd0
      https://github.com/heimdal/heimdal/commit/d46dbf2f68cbe08cb58a2bf75712e4863c5c6fd0
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M kdc/fast.c

  Log Message:
  -----------
  kdc/fast.c: fix leak in unusual error path.


  Commit: 995b52584cc4b9e3d710855482d7458081f6c1aa
      https://github.com/heimdal/heimdal/commit/995b52584cc4b9e3d710855482d7458081f6c1aa
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-21 (Thu, 21 Nov 2019)

  Changed paths:
    M lib/krb5/cache.c

  Log Message:
  -----------
  Make krb5_cc_close(ctx, NULL) stop SEGV'ing.


  Commit: 00b832fb4657357a2440a7f277a0ab4283ae10b9
      https://github.com/heimdal/heimdal/commit/00b832fb4657357a2440a7f277a0ab4283ae10b9
  Author: Roland C. Dowdeswell <roland.dowdeswell at twosigma.com>
  Date:   2019-11-22 (Fri, 22 Nov 2019)

  Changed paths:
    M kdc/kdc.h
    M kdc/kdc_locl.h
    M kdc/kx509.c
    M kdc/process.c

  Log Message:
  -----------
  Bring the KDC's KX509 service into the kdc_request_t fold.


  Commit: d723b9c22d9a7418b73852c1aaef47e36334694a
      https://github.com/heimdal/heimdal/commit/d723b9c22d9a7418b73852c1aaef47e36334694a
  Author: Viktor Dukhovni <viktor at twosigma.com>
  Date:   2019-11-23 (Sat, 23 Nov 2019)

  Changed paths:
    M lib/krb5/principal.c

  Log Message:
  -----------
  fixup! Improve encoding of krb5_{,un}parse_principal().


Compare: https://github.com/heimdal/heimdal/compare/f6400fdb74c3%5E...d723b9c22d9a
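
Added example, not part of these commits or of Heimdal's code: a Python reader for the summary audit line layout given in the "Generate a single summary audit line" log message. It assumes fields are separated by unescaped spaces and that a backslash quotes the character after it, as the first log message describes for principal names; the sample lines and every field value in them are constructed, not real KDC output.

```python
import re

# Assumption: a field is a run of escaped characters ("\" + any char) and
# characters that are neither a backslash nor a space.
_FIELD = re.compile(r'(?:\\.|[^\\ ]|\\$)+')

# Positional fields, in the order given in the commit message.
POSITIONAL = ("type", "error", "from-addr", "client", "server")

# Constructed sample lines (hypothetical values).
SAMPLE = (r"AS-REQ SUCCESS 192.0.2.10 alice\ smith@EXAMPLE.TEST "
          r"krbtgt/EXAMPLE.TEST@EXAMPLE.TEST key1=val1 pe-text=constructed\ text")
# A client name that contains an escaped space followed by "key1=...".
SAMPLE_ESCAPED = (r"AS-REQ SUCCESS 192.0.2.10 bob\ key1=forged@EXAMPLE.TEST "
                  r"krbtgt/EXAMPLE.TEST@EXAMPLE.TEST key1=val1")


def split_fields(line):
    """Split on unescaped spaces; escape sequences are kept verbatim."""
    return _FIELD.findall(line.rstrip("\n"))


def parse_audit_line(line):
    """Return the positional fields plus a dict of kv-pairs (key -> values)."""
    fields = split_fields(line)
    if len(fields) < len(POSITIONAL):
        raise ValueError("audit line has too few positional fields")
    record = dict(zip(POSITIONAL, fields))
    kv = {}
    for field in fields[len(POSITIONAL):]:
        key, sep, value = field.partition("=")
        if not sep or not key:
            raise ValueError("trailing field is not key=value: %r" % field)
        # Keep repeated keys instead of silently overwriting them.
        kv.setdefault(key, []).append(value)
    record["kv"] = kv
    return record


if __name__ == "__main__":
    for sample in (SAMPLE, SAMPLE_ESCAPED):
        print(parse_audit_line(sample))
    # str.split() ignores the escaping and miscounts the fields.
    print(len(SAMPLE.split()), "naive fields vs", len(split_fields(SAMPLE)))
```

Values are returned still escaped, because the full escape set used by the unparser is not given in the log messages above.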

