Russ Allbery [Mon, 30 Aug 2021 05:15:18 +0000 (22:15 -0700)]
Avoid warnings with Autoconf 2.71
Autoconf 2.71 enables warnings for obsolete constructs by default,
and there were a few in the configure machinery for the package.
Replace AC_HELP_STRING with AS_HELP_STRING and AC_CONFIG_HEADER
with AC_CONFIG_HEADERS.
Russ Allbery [Mon, 30 Aug 2021 05:05:44 +0000 (22:05 -0700)]
Add support for kafs
Add support for kafs to the -t options of k5start and krenew. If AFS
setpag support is not compiled in or AFS is not available, but the
Linux kafs kernel module is available, do not error out when -t is
specified and continue to run the external program. If libkeyutils is
found at compile time and a command was specified on the command line,
create a new session keyring before running the external command to
isolate its AFS credentials from the calling process. Thanks to Bill
MacAllister, David Howells, and Jeffrey Altman for proposed code and
implementation discussion.
Russ Allbery [Sun, 29 Aug 2021 20:41:02 +0000 (13:41 -0700)]
NEWS and some fixes for exit handling
Add a NEWS entry for the change in exit status handling, fix the
k5start/sigchld test, and add a krenew test. Fix a style issue
with a C++-style comment.
Russ Allbery [Sun, 29 Aug 2021 20:09:57 +0000 (13:09 -0700)]
Fix k5start/sigchld test for exit status
In preparation for adding a more accurate exit status to k5start,
fix the k5start/sigchld test to only expect the bottom byte of the
exit status to be 0.
Aasif Versi [Sat, 28 Aug 2021 15:04:43 +0000 (11:04 -0400)]
Set exit status if child stops via signal
The current implementation of command_finish always calls WEXITSTATUS,
despite the man page for waitpid stating that WEXITSTATUS should only
be used if WIFEXITED returned true.
This change will set the exit status of k5start accordingly by either
using WTERMSIG if WIFSIGNALED returns true, and using WEXITSTATUS if
WIFEXITED returns true. This means that the user can check the exit
status of the command running under k5start and know if the command
failed. Looking at the following example, in the previous code, the
command would print 0, now it will print 143. This will match the
functionality of bash [0].
    $ k5start -f ./user.keytab -- sh -c 'kill $$'; echo $?
    143
    $ sh -c 'kill $$'; echo $?
    143
This also makes a minor change by only setting the status if it is a
non-null pointer.
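The status decoding described in the commit above, as an added example (not kstart's command_finish; the names legacy_exit_code, shell_exit_code and run_child are hypothetical). It assumes the shell convention of reporting 128 plus the signal number for a signal-terminated child, which is where 143 comes from for SIGTERM.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Behaviour before the fix: WEXITSTATUS applied without checking WIFEXITED. */
int legacy_exit_code(int status) { return WEXITSTATUS(status); }

/* Decode a waitpid() status the way a POSIX shell reports it in $?. */
int shell_exit_code(int status)
{
    if (WIFEXITED(status))
        return WEXITSTATUS(status);
    if (WIFSIGNALED(status))
        return 128 + WTERMSIG(status); /* assumed shell convention */
    return -1;                         /* stopped or continued, not finished */
}

/* Fork a child that dies from sig (if sig > 0) or exits with code.
   The raw wait status is stored only when status is non-NULL. */
int run_child(int sig, int code, int *status)
{
    int raw;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (sig > 0) {
            signal(sig, SIG_DFL);      /* undo any inherited SIG_IGN */
            raise(sig);
        }
        _exit(code);
    }
    while (waitpid(pid, &raw, 0) < 0)
        if (errno != EINTR)            /* retry only on interruption */
            return -1;
    if (status != NULL)
        *status = raw;
    return 0;
}

int main(void)
{
    int st;

    if (run_child(SIGTERM, 0, &st) != 0)
        return 1;
    printf("legacy=%d fixed=%d\n", legacy_exit_code(st), shell_exit_code(st));
    return 0;
}
```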
Russ Allbery [Tue, 30 Mar 2021 18:35:38 +0000 (11:35 -0700)]
Use internal instead of private for config
The command framework used by k5start and krenew has a shared
configuration plus internal configuration structs for each program
that hold their own options. The latter were previously called
private, but this is a C++ reserved word that causes problems with
various tools (such as clang-format) that understand both C and
C++. Rename those structs to internal.
Russ Allbery [Tue, 30 Mar 2021 06:57:07 +0000 (23:57 -0700)]
Fix k5start/perms test on Heimdal
The Heimdal klist, even when it thinks it's running as root,
refuses to open a ticket cache owned by another user or with a
publicly-readable mode. Work around this by checking the mode
and ownership first, then resetting them to what was expected
and checking the contents of the cache.
Russ Allbery [Tue, 30 Mar 2021 06:48:07 +0000 (23:48 -0700)]
Fix ticket cache analysis in test suite with Heimdal
Heimdal's version of klist shows dates in a different format that
the regex parsing of klist output didn't understand. Adjust for
the current formatting while hopefully not breaking understanding
of previous versions.
Russ Allbery [Tue, 30 Mar 2021 03:13:14 +0000 (20:13 -0700)]
Fix races in k5start/daemon and krenew/daemon tests
Several of the tests for backgrounding were missing a delay to
wait for the daemon to start. Add those in, and clean up the
PID files from previous tests to avoid spurious failures.
k5start and krenew do not write their PID file atomically, so
there was a race condition in the tests where they would detect
the existence of the file and then try to read an empty file.
Avoid this by checking that the file contains a PID using -s.
Russ Allbery [Mon, 29 Mar 2021 16:54:00 +0000 (09:54 -0700)]
Add GitHub Actions CI configuration
Add a GitHub Actions workflow to test with MIT and Heimdal based
on the CI configuration for remctl. Install a dependabot
configuration to update the versions of GitHub Actions.
Russ Allbery [Mon, 29 Mar 2021 23:07:33 +0000 (16:07 -0700)]
Update to rra-c-util 9.1 and C TAP Harness 4.7
Update to rra-c-util 9.1:
* Fix getgroups error handling in k_haspag replacement.
* Check for a working Kerberos header file during configure.
* Use AS_ECHO in all Autoconf macros for better portability.
* Fix reallocarray portability on NetBSD.
* Stop providing a replacement for a broken snprintf.
* Don't check for krb5-config when using explicit paths.
* Fix new warnings with current versions of GCC and Clang.
* Probe for the warning flags supported by the compiler.
Update to C TAP Harness 4.7:
* Report test failures as left and right instead of wanted and seen.
* Fix string comparisons against NULL pointers.
* Honor C_TAP_SOURCE and C_TAP_BUILD along with SOURCE and BUILD.
Russ Allbery [Mon, 29 Mar 2021 22:57:26 +0000 (15:57 -0700)]
Skip keyring tests without keyring support
The current released version of Heimdal doesn't support keyring
ticket caches. Detect that and skip the relevant tests when built
without that support.
Russ Allbery [Sun, 26 Aug 2018 20:22:48 +0000 (13:22 -0700)]
Update to standards version 4.2.1
* Update standards version to 4.2.1.
- Enable verbose test output.
- Install the upstream release notes as NEWS.gz, not changelog.gz.
- Add Rules-Requires-Root: no.
- Use https for URLs in debian/control and debian/copyright.
Russ Allbery [Sat, 26 Dec 2015 00:45:40 +0000 (16:45 -0800)]
Clean up license notices and regenerate LICENSE
Use the Debian copyright-format 1.0 format for LICENSE. Fix up the
files that had unparseable license notices or ones with typos, and
add license notices to a few files that didn't have them.
Russ Allbery [Sat, 26 Dec 2015 00:18:14 +0000 (16:18 -0800)]
Remove strlcpy, strlcat, and strndup
These are no longer used by the utility library, so we don't have
to provide replacements for them. Also clean up a remaining build
rule for the concat test suite.
Russ Allbery [Sat, 26 Dec 2015 00:11:42 +0000 (16:11 -0800)]
Update to rra-c-util 5.9 and C TAP Harness 3.4
Update to rra-c-util 5.9:
* Add missing va_end to xasprintf implementation.
* Improve portability to Kerberos included in Solaris 10.
* Use appropriate warning flags with Clang (currently not warning clean).
* Use Lancaster Consensus environment variables to control tests.
* Use calloc or reallocarray for protection against integer overflows.
* Suppress warnings from Kerberos headers in non-system paths.
* Assume calloc initializes pointers to NULL.
* Assume free(NULL) is properly ignored.
* Improve error handling in xasprintf and xvasprintf.
* Check the return status of snprintf and vsnprintf properly.
* Preserve errno if snprintf fails in vasprintf replacement.
* Fix probing for Heimdal's libroken to work with older versions.
* Improve POD tests.
* Fix kafs compilation failure on Solaris 11 or later.
* Drop concat from the util library in favor of asprintf.
* Fail on any error in [bx]asprintf and [bx]vasprintf.
* Pass --deps to krb5-config in the non-reduced-dependencies case.
* Silence __attribute__ warnings on more compilers.
Update to C TAP Harness 3.4:
* Fix segfault in runtests with an empty test list.
* Display verbose test results with -v or C_TAP_VERBOSE.
* Support comments and blank lines in test lists.
* Check for integer overflow on memory allocations.
* Reopen standard input to /dev/null when running a test list.
* Don't leak extraneous file descriptors to tests.
* Suppress lazy plans and test summaries if the test failed with bail.
* runtests now treats the command line as a list of tests by default.
* The full test executable path can now be passed to runtests -o.
* Improved harness output for tests with lazy plans.
* Improved harness output to a terminal for some abort cases.
* Flush harness output after each test even when not on a terminal.
* Only use feature-test macros when requested or built with gcc -ansi.
* Drop is_double from the C TAP library to avoid requiring -lm.
* Avoid using local in the shell libtap.sh library.
* Silence __attribute__ warnings on more compilers.
* runtests now frees all allocated resources on exit.
Russ Allbery [Fri, 25 Dec 2015 22:46:00 +0000 (14:46 -0800)]
Retry initial authentication until it succeeds
For both k5start with a command or -K and no -x flag, and krenew with
the -i flag, repeatedly retry the initial authentication. The first
retry will be immediate, and then the commands will keep trying with
exponential backoff to one minute intervals, and then continuously at
one minute intervals until the command is killed or authentication
succeeds. k5start and krenew will no longer start any other command
until the initial authentication succeeds, fixing startup behavior
when running a command that must have valid Kerberos tickets
immediately on start. Based on a patch by Lars Hanke.
Add the -a option to k5start and krenew, which says to always try
to renew our tickets (and tokens, if -t) every time we wake up,
regardless of how much time is left on the tickets. This is useful if
you want to ensure that a certain amount of lifetime always exists
on the tickets, or if you want to ensure aklog gets run, even if
something else is keeping our tickets fresh.
Update standards version to 3.9.5 (copyright, Vcs-Git)
* Update standards version to 3.9.5.
- Convert debian/copyright to copyright-format 1.0.
- Specify the Debian packaging branch in the Vcs-Git control field.
Russ Allbery [Wed, 8 Jan 2014 00:23:44 +0000 (16:23 -0800)]
Make daemon test suite more robust
Extend delays, since authentication can take a while on a remote,
loaded network. Use better strategies for waiting for activity
than simple numeric delays. Fix the test count in k5start/daemon.
Russ Allbery [Wed, 8 Jan 2014 00:21:33 +0000 (16:21 -0800)]
Skip keyring tests if the resulting tickets disappear
MIT Kerberos doesn't cope well with UID session keyrings. It can
get tickets, but then the tickets disappear. Check for that and
skip the keyring tests if we're running into that problem.
k5start -K no longer exits if initial authentication fails
k5start, when run with the -K option to run as a daemon, no longer
exits if the initial authentication fails. Instead, it reports the
error to standard error and then continues to run, attempting
authentication every minute as if authentication had failed after it
had started. Patch from Rasmus Borup Hansen.