Russ Allbery [Thu, 29 Dec 2011 21:36:57 +0000 (13:36 -0800)]
Update documentation for recent changes
Document that -k can now be any cache identifier. Suggest -L with
-b in krenew as was done with k5start. Update the krenew -i
documentation for the current implementation. Add -i to the krenew
usage output. Remove the notes in k5start that -o, -g, and -m will
result in windows where the ticket cache is not accessible.
Russ Allbery [Thu, 29 Dec 2011 19:47:36 +0000 (11:47 -0800)]
Fix error reporting from ticket expiration checks
Don't report an error immediately when checking for ticket
expiration, since k5start doesn't want to report an error if the
ticket cache has gone away. It will just recreate it. Instead,
defer error reporting to the auth hook, where krenew can report
an error.
Russ Allbery [Thu, 29 Dec 2011 19:10:35 +0000 (11:10 -0800)]
Clean up ticket cache naming and permission handling
Ticket caches passed to k5start or krenew with the -k option are now
used as-is without prepending "FILE:". This allows both programs to
be used with non-file caches (unles the -o, -g, or -m options were
given to k5start, of course). However, users who were relying on
k5start or krenew prepending "FILE:" may now need to add this
explicitly to the -k argument if they want the ticket cache to be set
in the environment with that prefix.
k5start, when run with the -o, -g, or -m options to change ticket
cache ownership or permissions, now writes a temporary ticket cache in
the same directory, sets its ownership and permissions, and then
replaces the existing cache with an atomic rename. It also sets
permissions properly if it has to reauthenticate after backgrounding
itself. This closes two windows where the cache may not be accessible
to the program using it if k5start were in the middle of refreshing
it. Thanks to Harry Coin for the report.
Russ Allbery [Thu, 29 Dec 2011 08:02:49 +0000 (00:02 -0800)]
Add proper verification of -H and -K options
Copy the convert_number function from util/perms.c into framework.c
and use it in k5start and krenew to check the argument to -H and
-K. Add a test for error handling that currently only tests the
command-line option validation.
Russ Allbery [Thu, 29 Dec 2011 06:53:25 +0000 (22:53 -0800)]
Convert k5start to the new framework, fix error handling behavior
Convert k5start to use a shared framework with krenew, removing lots
of duplicate code. Fix error handling behavior so that k5start as a
daemon continues running even if it fails to obtain credentials.
Russ Allbery [Wed, 28 Dec 2011 19:42:27 +0000 (11:42 -0800)]
Rewrite krenew to use a new generic framework
The new framework will be used for both k5start and krenew and
refactors the common code between them, including the infrastructure
for running commands and running as a daemon.
Clean up handling of when to exit on errors. krenew now defaults
to remaining running if there's an error in contacting the KDC or
storing the new credentials, only exiting by default if the renewable
lifetime has expired or if the ticket cache has disappeared. -i can
still be used to keep it running in those cases as well. However,
without -i, it will always exit if the initial authentication fails.
krenew now removes any PID files that it writes on exit, and is better
about removing a copied ticket cache on exit.
Russ Allbery [Tue, 27 Dec 2011 18:15:54 +0000 (10:15 -0800)]
Remove k4start
Remove k4start from the distribution. I no longer have a Kerberos v4
environment with which to test and therefore no way to refactor and
restructure the code for other changes to the package. Users who
still need k4start should use an older version of the package.
Russ Allbery [Tue, 27 Dec 2011 17:57:48 +0000 (09:57 -0800)]
Update to rra-c-util 4.0
Update the included kafs library to the version from rra-c-util 4.0,
adding support for Mac OS X and Solaris 11.
* Build on systems where krb5/krb5.h exists but krb5.h does not.
* Build with OpenBSD Heimdal where there is no separate roken library.
* Kerberos probes no longer assume transitive library dependencies.
* Fix removal of /usr/include from Kerberos CPPFLAGS.
* Add notices to all files copied from rra-c-util.
* Fix replacement of krb5_free_error_message.
* Support older Heimdal with no-context krb5_get_init_creds_opt_free.
* Improve probe for krb5_kt_free_entry.
* Fix use of long long, where available, in replacement mkstemp.
* Include strings.h where present for more POSIX string functions.
* Use typedef for a missing sig_atomic_t.
* Avoid passing a NULL context to krb5_get_error_message.
* Fix integer data types in the messages utility library.
* Use configure-detected aklog path in the test suite.
* Add replacement for a missing strndup (such as on Mac OS X).
* Add tests for messages-krb5 utility functions.
* Update compiler warning flags for make warnings to gcc 4.6.1.
Russ Allbery [Tue, 27 Dec 2011 17:18:09 +0000 (09:18 -0800)]
Update to C TAP Harness 1.9
* Add a usage message and -h option to runtests.
* Honor -s and SOURCE in runtests even if BUILD is not set.
* Improve test summary at the end of a C test case.
* Flush stderr before printing TAP output.
* Improve portability of output functions in the shell libtap.sh.
* Add notices to all files copied from C TAP Harness.
Send an explicit SIGCHLD to the k5start job, and then run through
a SIGSTOP/SIGCONT cycle with some delays to ensure that the SIGCHLD
interruption was already seen. Enable the test by default.
Andy Cobaugh [Mon, 29 Mar 2010 22:35:30 +0000 (15:35 -0700)]
Update spec file for 3.16 and fix some problems
Update the RPM spec file to the 3.16 release. Use %{dist} in Release as
the old method of reading redhat-release doesn't work on distros like
centos and fedora. It also now correctly requires krb5-libs instead of
krb5-workstation.
Russ Allbery [Thu, 4 Feb 2010 00:55:41 +0000 (16:55 -0800)]
Reverse the direction of the krb5_free_unparsed_name probe
If krb5_xfree exists, use it, even if krb5_free_unparsed_name also exists.
This avoids a deprecation warning from Heimdal, which provides the latter
function but doesn't prefer it.
Russ Allbery [Thu, 4 Feb 2010 00:13:51 +0000 (16:13 -0800)]
Diagnose -U/-u/-i conflicts and use krb5_free_unparsed_name
Diagnose the nonsensical combination of -U and -u or -i options in
k5start and report an error rather than ignoring -u and appending the
instance from -i onto the principal obtained via -U.
Provide krb5_free_unparsed_name in terms of krb5_xfree for Heimdal.
Call krb5_free_unparsed_name to free the results of krb5_unparse_name
instead of just calling free. This probably will never matter on UNIX,
but it's correct coding style.
Russ Allbery [Thu, 4 Feb 2010 00:03:46 +0000 (16:03 -0800)]
Refactor Kerberos portability into a new portability layer
Move the #ifdefs out of the main code and instead provide a Kerberos
portability layer that exposes roughly the Heimdal API. Then call that
layer uniformly throughout the rest of the code.
Russ Allbery [Wed, 20 Jan 2010 01:34:31 +0000 (17:34 -0800)]
Skip the xmalloc tests unless RRA_MAINTAINER_TESTS is set
All of the failures in automated testing have been problems with the
assumptions around memory allocation or problems with the test suite, not
problems with the underlying xmalloc code.
Russ Allbery [Tue, 19 Jan 2010 04:33:43 +0000 (20:33 -0800)]
Update to rra-c-util 2.2
* Add GCC function attributes alloc_size, malloc, and nonnull.
* Use AC_TYPE_LONG_LONG_INT instead of AC_CHECK_TYPES([long long]).
Also split up util/util.h into separate header files for each set of
functions and add similar header files for the functions that are
unique to this package.
Add some missing krb5.h includes that were masked by includes in other
header files.
Russ Allbery [Tue, 19 Jan 2010 02:51:18 +0000 (18:51 -0800)]
Use a better test for how to get the realm
Now that I know about krb5_principal_get_realm, don't probe for the
krb5_realm type, just for that function. We assume that Heimdal has
that function; it looks like it's been there since around 0.4.
Russ Allbery [Tue, 19 Jan 2010 02:42:05 +0000 (18:42 -0800)]
Fix the test suite to pass with Heimdal user space
Heimdal's klist has a different output format. Update the horrible
regexes that parse the klist output to allow for either output format.
We should probably be building our own klist equivalent for testing.
Russ Allbery [Tue, 19 Jan 2010 02:19:50 +0000 (18:19 -0800)]
Avoid Heimdal functions marked as deprecated
Use krb5_principal_get_realm instead of krb5_princ_realm, which
also simplifies the logic. Add appropriate const markings.
Use krb5_get_init_creds_opt_alloc if available instead of using a
static structure and calling _opt_init. Always allocate new memory
for the krb5_get_init_creds_opt structure, even if _opt_alloc isn't
available, and store a pointer in the options struct instead of the
struct itself.
Russ Allbery [Tue, 19 Jan 2010 00:16:28 +0000 (16:16 -0800)]
Mention PAG support in -h output if compiled in
k5start and krenew now say, in -h output, if they will attempt to
create a new AFS PAG for commands run in combination with -t (enabled
by --enable-setpag), allowing one to determine whether that support
was compiled in.
Russ Allbery [Tue, 19 Jan 2010 00:12:03 +0000 (16:12 -0800)]
Define HAVE_KAFS if built with any sort of AFS support
AFS support may result in a wide variety of different #defines depending
on what's available, and kafs/kafs.h already untangles them. Export from
it a simple HAVE_KAFS define that's set only if some sort of AFS support
is available. This allows programs using it to, for instance, display
different help output based on whether AFS support is compiled in.
Russ Allbery [Tue, 5 Jan 2010 21:41:28 +0000 (13:41 -0800)]
Allow the argument to -k to start with FILE:
Allow the argument to -k to start with FILE: and strip off that prefix
to form the ticket cache name. -k still forces its argument to be a
file-based cache, however; FILE: is the only cache type designator
supported. Use the KRB5CCNAME environment variable for other ticket
cache types.
Russ Allbery [Tue, 5 Jan 2010 21:39:48 +0000 (13:39 -0800)]
Fix segfault when -o is used without -k in k5start
Correctly set the ticket cache path in k5start when the -k option was
not given, fixing a NULL pointer dereference when the -o, -g, or -m
options were given without -k.
Russ Allbery [Sat, 15 Aug 2009 21:05:46 +0000 (14:05 -0700)]
Clean up in the kafs test suite even if skipping everything
When AFS support isn't available or built, we were still creating
basic-output and basic-errors but not removing them. Fix that and
add -f to the rm commands so that they don't fail if the files
don't exist for some reason.
Russ Allbery [Sat, 15 Aug 2009 02:33:46 +0000 (19:33 -0700)]
Fix the help string for --with-krb4
When Kerberos v4 support is optional, --with-krb4's help string didn't
show the brackets around =DIR properly because the Autoconf quadragraphs
were written incorrectly.
Russ Allbery [Sat, 15 Aug 2009 02:32:19 +0000 (19:32 -0700)]
Remove use of RETSIGTYPE
All systems that use a return type of other than void for signal handlers
are long since dead, so use void unconditionally. Fixes compilation
errors that began when I removed the Autoconf test from configure.ac.
Russ Allbery [Sat, 15 Aug 2009 02:29:02 +0000 (19:29 -0700)]
Update kafs replacement code and Autoconf probes from rra-c-util
The kafs code is now in a kafs directory instead of in portable and uses
an Automake conditional instead of AC_LIBOBJ to add it to the compilation.
The Autoconf code now follows my normal Autoconf coding style, including
separate --with-*-include and --with-*-lib configure options for libkafs
and the AFS libraries (if needed). The kafs replacement also now has a
test suite.
Russ Allbery [Thu, 6 Aug 2009 22:59:41 +0000 (15:59 -0700)]
Choose whether to build k4start based on the presence of libraries
k4start is now built optionally based on whether Kerberos v4 libraries
are available, removing the need for --disable-k4start if no Kerberos
v4 libraries are present. The option is still supported to explicitly
disable building k4start even if Kerberos v4 libraries are found.
Russ Allbery [Thu, 6 Aug 2009 22:57:10 +0000 (15:57 -0700)]
Rewrite Kerberos v4 configure probes
Rewrite the configure probes for Kerberos v4 to use the same style as
the Kerberos v5 configure probes. Among the improvements are falling
back on direct library probing if the results of krb5-config fail, the
addition of --with-krb4-include and --with-krb4-lib flags, and support
for probing for optional Kerberos v4 libraries.
Use plan skip_all instead of skipping every test individually when
configuration required for running any tests is missing. With the
current version of runtests, this produces more informative output.
Use BAIL_OUT instead of die in Test::More Perl scripts, which will
include the error message in the summary output from runtests.
Check whether k4start was even built before attempting any k4start
tests.
Make the test suite more robust against timing issues
Fix some timing issues with the test suite that caused spurious
failures on fast systems and try to make it more robust in the face of
different process scheduling. This probably still isn't perfect.
Also fix some lingering test suite problems from the new runtests and
builddir != srcdir support.
Simplify test suite code for new C TAP Harness features
Use the BUILD and SOURCE environment variables from C TAP Harness
and avoid doing Autoconf substitutions in any of the test suite
programs. Remove the Automake code for copying the test suite into
the build directory.
Support aspell for spelling tests and skip them by default
Update the test case for POD spelling to the current version from
C TAP Harness and skip tests unless RRA_MAINTAINER_TESTS is enabled.
Support and prefer using aspell for spell checking. Reword wakeup to
a better phrase in the POD documentation, caught by aspell.
Move generation of the man pages via pod2man to autogen from the makefile.
Distribute man pages by using dist_man_MANS, which reduces the number of
files we have to list in EXTRA_DIST. Use set -e in autogen.
Remove the configure.ac probe for the return type of signal. All
platforms still likely to be in use return void and the Autoconf
manual now recommends returning void unconditionally.
Remove portable/time.h and AC_HEADER_TIME from configure.ac. This macro
is considered obsolete, since all systems requiring protection from
including sys/time.h and time.h at the same time are long-dead. Instead
include time.h unconditionally and sys/time.h conditionally in each C
file that was previously including portable/time.h.