Update includedir processing to match upstream
This commit is contained in:
parent
6e3058a9c5
commit
6dd406494d
@ -1,4 +1,4 @@
|
||||
From dd66546bde0bc868a9af2ac702c7466e7494b33b Mon Sep 17 00:00:00 2001
|
||||
From dff5177801444307d19071fc4fac7de864fda92a Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 13 Jun 2015 16:04:53 -0400
|
||||
Subject: [PATCH] Add ASN.1 encoders and decoders for SPAKE types
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 9f69b78a93de5ae396eb96d2957f36f8b9dc7458 Mon Sep 17 00:00:00 2001
|
||||
From c93112a19f73b9a984cabd320129ee8f70cb4823 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 12 Mar 2018 11:31:46 -0400
|
||||
Subject: [PATCH] Add PKINIT KDC support for freshness token
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 0bc035db40c5badae3cc00f452560785a0cb0a44 Mon Sep 17 00:00:00 2001
|
||||
From 5edc6de93196b4f07da6695a4b271a067000c84d Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 31 Jan 2017 17:02:34 -0500
|
||||
Subject: [PATCH] Add PKINIT client support for freshness token
|
||||
|
@ -1,4 +1,4 @@
|
||||
From b054d1d29e676600abd6fdd7a67a283c3c011f95 Mon Sep 17 00:00:00 2001
|
||||
From f8f2cff0aba6ea7dd9b5fef89549aaff36ce4fee Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Fri, 25 Sep 2015 17:47:35 -0400
|
||||
Subject: [PATCH] Add SPAKE preauth support
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 0ff94a373749e83fb9c2c5c6fa6d5788b2b63460 Mon Sep 17 00:00:00 2001
|
||||
From c891e4bc54c8083a1af8d28aa9b12ab1177ebb9a Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 27 Mar 2018 00:49:43 -0400
|
||||
Subject: [PATCH] Add doc index entries for SPAKE constants
|
||||
|
@ -1,4 +1,4 @@
|
||||
From f2402ea18c8587dab261cd724ef62fd7f6bcc8ec Mon Sep 17 00:00:00 2001
|
||||
From 74e1079df0cc6e8932e487455177a69f782b863a Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 4 Jan 2018 14:35:12 -0500
|
||||
Subject: [PATCH] Add k5_buf_add_vfmt to k5buf interface
|
||||
|
222
Add-k5_dir_filenames-to-libkrb5support.patch
Normal file
222
Add-k5_dir_filenames-to-libkrb5support.patch
Normal file
@ -0,0 +1,222 @@
|
||||
From 9010a0dbf59771cb0a9c1e6fd5a18a92a1200ca7 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 5 Jun 2018 14:01:05 -0400
|
||||
Subject: [PATCH] Add k5_dir_filenames() to libkrb5support
|
||||
|
||||
Add a support function to get a list of filenames from a directory in
|
||||
sorted order.
|
||||
|
||||
(cherry picked from commit 27534121eb39089ff4335d8b465027e9ba783682)
|
||||
---
|
||||
src/include/k5-platform.h | 7 +
|
||||
src/util/support/Makefile.in | 3 +
|
||||
src/util/support/dir_filenames.c | 135 ++++++++++++++++++
|
||||
src/util/support/libkrb5support-fixed.exports | 2 +
|
||||
4 files changed, 147 insertions(+)
|
||||
create mode 100644 src/util/support/dir_filenames.c
|
||||
|
||||
diff --git a/src/include/k5-platform.h b/src/include/k5-platform.h
|
||||
index 07ef6a4ca..763408a09 100644
|
||||
--- a/src/include/k5-platform.h
|
||||
+++ b/src/include/k5-platform.h
|
||||
@@ -44,6 +44,8 @@
|
||||
* + constant time memory comparison
|
||||
* + path manipulation
|
||||
* + _, N_, dgettext, bindtextdomain (for localization)
|
||||
+ * + getopt_long
|
||||
+ * + fetching filenames from a directory
|
||||
*/
|
||||
|
||||
#ifndef K5_PLATFORM_H
|
||||
@@ -1148,4 +1150,9 @@ extern int k5_getopt_long(int nargc, char **nargv, char *options,
|
||||
#define getopt_long k5_getopt_long
|
||||
#endif /* HAVE_GETOPT_LONG */
|
||||
|
||||
+/* Set *fnames_out to a null-terminated list of filenames within dirname,
|
||||
+ * sorted according to strcmp(). Return 0 on success, or ENOENT/ENOMEM. */
|
||||
+int k5_dir_filenames(const char *dirname, char ***fnames_out);
|
||||
+void k5_free_filenames(char **fnames);
|
||||
+
|
||||
#endif /* K5_PLATFORM_H */
|
||||
diff --git a/src/util/support/Makefile.in b/src/util/support/Makefile.in
|
||||
index caaf15822..4715e0391 100644
|
||||
--- a/src/util/support/Makefile.in
|
||||
+++ b/src/util/support/Makefile.in
|
||||
@@ -85,6 +85,7 @@ STLIBOBJS= \
|
||||
hex.o \
|
||||
bcmp.o \
|
||||
strerror_r.o \
|
||||
+ dir_filenames.o \
|
||||
$(GETTIMEOFDAY_ST_OBJ) \
|
||||
$(IPC_ST_OBJ) \
|
||||
$(STRLCPY_ST_OBJ) \
|
||||
@@ -111,6 +112,7 @@ LIBOBJS= \
|
||||
$(OUTPRE)hex.$(OBJEXT) \
|
||||
$(OUTPRE)bcmp.$(OBJEXT) \
|
||||
$(OUTPRE)strerror_r.$(OBJEXT) \
|
||||
+ $(OUTPRE)dir_filenames.$(OBJEXT) \
|
||||
$(GETTIMEOFDAY_OBJ) \
|
||||
$(IPC_OBJ) \
|
||||
$(STRLCPY_OBJ) \
|
||||
@@ -147,6 +149,7 @@ SRCS=\
|
||||
$(srcdir)/hex.c \
|
||||
$(srcdir)/bcmp.c \
|
||||
$(srcdir)/strerror_r.c \
|
||||
+ $(srcdir)/dir_filenames.c \
|
||||
$(srcdir)/t_utf8.c \
|
||||
$(srcdir)/t_utf16.c \
|
||||
$(srcdir)/getopt.c \
|
||||
diff --git a/src/util/support/dir_filenames.c b/src/util/support/dir_filenames.c
|
||||
new file mode 100644
|
||||
index 000000000..9312b0238
|
||||
--- /dev/null
|
||||
+++ b/src/util/support/dir_filenames.c
|
||||
@@ -0,0 +1,135 @@
|
||||
+/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
|
||||
+/* util/support/dir_filenames.c - fetch filenames in a directory */
|
||||
+/*
|
||||
+ * Copyright (C) 2018 by the Massachusetts Institute of Technology.
|
||||
+ * All rights reserved.
|
||||
+ *
|
||||
+ * Redistribution and use in source and binary forms, with or without
|
||||
+ * modification, are permitted provided that the following conditions
|
||||
+ * are met:
|
||||
+ *
|
||||
+ * * Redistributions of source code must retain the above copyright
|
||||
+ * notice, this list of conditions and the following disclaimer.
|
||||
+ *
|
||||
+ * * Redistributions in binary form must reproduce the above copyright
|
||||
+ * notice, this list of conditions and the following disclaimer in
|
||||
+ * the documentation and/or other materials provided with the
|
||||
+ * distribution.
|
||||
+ *
|
||||
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||||
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||||
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
||||
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
||||
+ * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
||||
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
||||
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
||||
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
||||
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
||||
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
||||
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||
+ */
|
||||
+
|
||||
+#include "k5-platform.h"
|
||||
+
|
||||
+void
|
||||
+k5_free_filenames(char **fnames)
|
||||
+{
|
||||
+ char **fn;
|
||||
+
|
||||
+ for (fn = fnames; fn != NULL && *fn != NULL; fn++)
|
||||
+ free(*fn);
|
||||
+ free(fnames);
|
||||
+}
|
||||
+
|
||||
+/* Resize the filename list and add a name. */
|
||||
+static int
|
||||
+add_filename(char ***fnames, int *n_fnames, const char *name)
|
||||
+{
|
||||
+ char **newlist;
|
||||
+
|
||||
+ newlist = realloc(*fnames, (*n_fnames + 2) * sizeof(*newlist));
|
||||
+ if (newlist == NULL)
|
||||
+ return ENOMEM;
|
||||
+ *fnames = newlist;
|
||||
+ newlist[*n_fnames] = strdup(name);
|
||||
+ if (newlist[*n_fnames] == NULL)
|
||||
+ return ENOMEM;
|
||||
+ (*n_fnames)++;
|
||||
+ newlist[*n_fnames] = NULL;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+static int
|
||||
+compare_with_strcmp(const void *a, const void *b)
|
||||
+{
|
||||
+ return strcmp(*(char **)a, *(char **)b);
|
||||
+}
|
||||
+
|
||||
+#ifdef _WIN32
|
||||
+
|
||||
+int
|
||||
+k5_dir_filenames(const char *dirname, char ***fnames_out)
|
||||
+{
|
||||
+ char *wildcard;
|
||||
+ WIN32_FIND_DATA ffd;
|
||||
+ HANDLE handle;
|
||||
+ char **fnames = NULL;
|
||||
+ int n_fnames = 0;
|
||||
+
|
||||
+ *fnames_out = NULL;
|
||||
+
|
||||
+ if (asprintf(&wildcard, "%s\\*", dirname) < 0)
|
||||
+ return ENOMEM;
|
||||
+ handle = FindFirstFile(wildcard, &ffd);
|
||||
+ free(wildcard);
|
||||
+ if (handle == INVALID_HANDLE_VALUE)
|
||||
+ return ENOENT;
|
||||
+
|
||||
+ do {
|
||||
+ if (add_filename(&fnames, &n_fnames, &ffd.cFileName) != 0) {
|
||||
+ k5_free_filenames(fnames);
|
||||
+ FindClose(handle);
|
||||
+ return ENOMEM;
|
||||
+ }
|
||||
+ } while (FindNextFile(handle, &ffd) != 0);
|
||||
+
|
||||
+ FindClose(handle);
|
||||
+ qsort(fnames, n_fnames, sizeof(*fnames), compare_with_strcmp);
|
||||
+ *fnames_out = fnames;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+#else /* _WIN32 */
|
||||
+
|
||||
+#include <dirent.h>
|
||||
+
|
||||
+int
|
||||
+k5_dir_filenames(const char *dirname, char ***fnames_out)
|
||||
+{
|
||||
+ DIR *dir;
|
||||
+ struct dirent *ent;
|
||||
+ char **fnames = NULL;
|
||||
+ int n_fnames = 0;
|
||||
+
|
||||
+ *fnames_out = NULL;
|
||||
+
|
||||
+ dir = opendir(dirname);
|
||||
+ if (dir == NULL)
|
||||
+ return ENOENT;
|
||||
+
|
||||
+ while ((ent = readdir(dir)) != NULL) {
|
||||
+ if (add_filename(&fnames, &n_fnames, ent->d_name) != 0) {
|
||||
+ k5_free_filenames(fnames);
|
||||
+ closedir(dir);
|
||||
+ return ENOMEM;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ closedir(dir);
|
||||
+ qsort(fnames, n_fnames, sizeof(*fnames), compare_with_strcmp);
|
||||
+ *fnames_out = fnames;
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+#endif /* not _WIN32 */
|
||||
diff --git a/src/util/support/libkrb5support-fixed.exports b/src/util/support/libkrb5support-fixed.exports
|
||||
index a5e2ade04..16ed5a6c1 100644
|
||||
--- a/src/util/support/libkrb5support-fixed.exports
|
||||
+++ b/src/util/support/libkrb5support-fixed.exports
|
||||
@@ -58,6 +58,8 @@ k5_path_split
|
||||
k5_strerror_r
|
||||
k5_utf8_to_utf16le
|
||||
k5_utf16le_to_utf8
|
||||
+k5_dir_filenames
|
||||
+k5_free_filenames
|
||||
krb5int_key_register
|
||||
krb5int_key_delete
|
||||
krb5int_getspecific
|
@ -1,4 +1,4 @@
|
||||
From c8992ad9dc0c7fc4d8bec3b9ecb129fe587d615e Mon Sep 17 00:00:00 2001
|
||||
From 507b1aff60fdadc91ca7c56d39711049aeeb1e58 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 19 Feb 2018 00:51:44 -0500
|
||||
Subject: [PATCH] Add libkrb5support hex functions and tests
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 5ed0331bd6bfd39b9c5ca40ec38d536221118998 Mon Sep 17 00:00:00 2001
|
||||
From f8b14b92cc4c82578f8fc56dd1fddebe88120769 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 3 Feb 2018 20:53:42 -0500
|
||||
Subject: [PATCH] Add vector support to k5_sha256()
|
||||
|
@ -1,4 +1,4 @@
|
||||
From c98a6fc929b80dd8d221314e31903a9d5ee56295 Mon Sep 17 00:00:00 2001
|
||||
From 2b9e79d58b28196dba5f7d3ff2f32ca577444ddc Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 31 Mar 2018 10:43:49 -0400
|
||||
Subject: [PATCH] Be more careful asking for AS key in SPAKE client
|
||||
|
@ -1,4 +1,4 @@
|
||||
From cb8f31e6bbf72e207b428d52c2fd9ed719bbec4f Mon Sep 17 00:00:00 2001
|
||||
From 3bfe632c7011c335362d78356232507d9ee26f73 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 14 Mar 2018 14:31:22 -0400
|
||||
Subject: [PATCH] Exit with status 0 from kadmind
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 3ea258c813de4c55a8979f019b716422b998e231 Mon Sep 17 00:00:00 2001
|
||||
From 390c515e13dffc8c00b44623cba47e27c2f20cf7 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 27 Mar 2018 10:36:05 -0400
|
||||
Subject: [PATCH] Fix SPAKE memory leak
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 6b8f7371e49c3aa636871bb4e2ea2d2e86c743de Mon Sep 17 00:00:00 2001
|
||||
From 8b898badbe8051270c6da96f5c15f3bc8b6d974e Mon Sep 17 00:00:00 2001
|
||||
From: Sumit Bose <sbose@redhat.com>
|
||||
Date: Fri, 26 Jan 2018 11:47:50 -0500
|
||||
Subject: [PATCH] Fix hex conversion of PKINIT certid strings
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 20c25d4a2f78d8ab33d4879e1cf843e1fdb8a20b Mon Sep 17 00:00:00 2001
|
||||
From 59a28991e15496e6f9cf867c32dc18e7e1062f59 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 15 Mar 2018 20:27:30 -0400
|
||||
Subject: [PATCH] Fix read overflow in KDC sort_pa_data()
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 9c9ff189c16b16f848f2e85c1d262f12c6d5e922 Mon Sep 17 00:00:00 2001
|
||||
From e405f42b532e377e7e3d654313a07f8c11f48f9a Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Wed, 3 Jan 2018 12:06:08 -0500
|
||||
Subject: [PATCH] Fix securid_sam2 preauth for non-default salt
|
||||
|
@ -1,4 +1,4 @@
|
||||
From d134cd489a6841f510b3efdf4ddcb283493655f0 Mon Sep 17 00:00:00 2001
|
||||
From 617d153bb32d0bd7db33ccec21043d1113651f3a Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Wed, 18 Apr 2018 14:13:28 -0400
|
||||
Subject: [PATCH] Fix segfault in finish_dispatch()
|
||||
|
@ -1,4 +1,4 @@
|
||||
From e6945eee571b0ff776270dea52fb051b62aedabd Mon Sep 17 00:00:00 2001
|
||||
From 3d651a6e234bed4c4d4865a56c5fa47dab89a5a6 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 26 Mar 2018 11:12:39 -0400
|
||||
Subject: [PATCH] Implement k5_buf_init_dynamic_zap
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 6f883193ddb63da0f29977e3b95a663321404546 Mon Sep 17 00:00:00 2001
|
||||
From bbc68d1657306a61a7646dd7b9690f67705e24be Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Wed, 3 Jan 2018 11:59:14 -0500
|
||||
Subject: [PATCH] Include etype-info in for hardware preauth hints
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 265d00ef6bb5469b2464d7813af8c37581338385 Mon Sep 17 00:00:00 2001
|
||||
From b623881ec039bffc758f53906f7e4f9b884f1cf4 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 15 Mar 2018 14:37:28 -0400
|
||||
Subject: [PATCH] Include preauth name in trace output if possible
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 6b85df6c6f4bb0e61ba0913722317f4e2c3c23fc Mon Sep 17 00:00:00 2001
|
||||
From 9dd3a84f324979c29e8ab4b472e98dfa73e6b290 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 7 May 2018 16:42:59 -0400
|
||||
Subject: [PATCH] Log when non-root ksu authorization fails
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 56521276ff20bc05a61c6f070cb4dcab730ff6d6 Mon Sep 17 00:00:00 2001
|
||||
From ee941a490268bb045ec7e153bdf229adcd6d2f73 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 26 Mar 2018 10:54:29 -0400
|
||||
Subject: [PATCH] Move zap() definition to k5-platform.h
|
||||
|
@ -1,78 +0,0 @@
|
||||
From 88abb837d8a9ff12b71a848efbeaa9b9a009cc1f Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Mon, 29 Jan 2018 12:10:53 +0100
|
||||
Subject: [PATCH] Process included directories in alphabetical order
|
||||
|
||||
readdir() and FindFirstFile()/FindNextFile() do not define any
|
||||
ordering on the entries they return. Use sorted scandir() instead on
|
||||
Unix-likes.
|
||||
|
||||
(cherry picked from commit 4e8518baeedf376ae3e4ce302c9a138263d648df)
|
||||
---
|
||||
src/util/profile/prof_parse.c | 30 ++++++++++++++++++++----------
|
||||
1 file changed, 20 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c
|
||||
index 1baceea9e..309c27d07 100644
|
||||
--- a/src/util/profile/prof_parse.c
|
||||
+++ b/src/util/profile/prof_parse.c
|
||||
@@ -241,12 +241,18 @@ static int valid_name(const char *filename)
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
+#ifndef _WIN32
|
||||
+static int valid_name_scandir(const struct dirent *d)
|
||||
+{
|
||||
+ return valid_name(d->d_name);
|
||||
+}
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Include files within dirname. Only files with names ending in ".conf", or
|
||||
* consisting entirely of alphanumeric characters, dashes, and underscores are
|
||||
* included. This restriction avoids including editor backup files, .rpmsave
|
||||
- * files, and the like.
|
||||
+ * files, and the like. Files are processed in alphanumeric order.
|
||||
*/
|
||||
static errcode_t parse_include_dir(const char *dirname,
|
||||
struct profile_node *root_section)
|
||||
@@ -287,18 +293,19 @@ cleanup:
|
||||
|
||||
#else /* not _WIN32 */
|
||||
|
||||
- DIR *dir;
|
||||
char *pathname;
|
||||
errcode_t retval = 0;
|
||||
- struct dirent *ent;
|
||||
+ struct dirent **namelist;
|
||||
+ int num_ents, i;
|
||||
|
||||
- dir = opendir(dirname);
|
||||
- if (dir == NULL)
|
||||
+ num_ents = scandir(dirname, &namelist, &valid_name_scandir, &alphasort);
|
||||
+ if (num_ents == -1)
|
||||
return PROF_FAIL_INCLUDE_DIR;
|
||||
- while ((ent = readdir(dir)) != NULL) {
|
||||
- if (!valid_name(ent->d_name))
|
||||
- continue;
|
||||
- if (asprintf(&pathname, "%s/%s", dirname, ent->d_name) < 0) {
|
||||
+
|
||||
+ for (i = 0; i < num_ents; i++) {
|
||||
+ retval = asprintf(&pathname, "%s/%s", dirname, namelist[i]->d_name);
|
||||
+ free(namelist[i]);
|
||||
+ if (retval < 0) {
|
||||
retval = ENOMEM;
|
||||
break;
|
||||
}
|
||||
@@ -307,7 +314,10 @@ cleanup:
|
||||
if (retval)
|
||||
break;
|
||||
}
|
||||
- closedir(dir);
|
||||
+ for (i++; i < num_ents; i++)
|
||||
+ free(namelist[i]);
|
||||
+
|
||||
+ free(namelist);
|
||||
return retval;
|
||||
#endif /* not _WIN32 */
|
||||
}
|
114
Process-profile-includedir-in-sorted-order.patch
Normal file
114
Process-profile-includedir-in-sorted-order.patch
Normal file
@ -0,0 +1,114 @@
|
||||
From 5d868264bca1771aa16abbc8cc0aefb0e1750a73 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Wed, 6 Jun 2018 17:58:41 -0400
|
||||
Subject: [PATCH] Process profile includedir in sorted order
|
||||
|
||||
In the profile library, use k5_dir_filenames() so that files within an
|
||||
included directory are read in a predictable order (alphanumeric
|
||||
within the C locale).
|
||||
|
||||
ticket: 8686
|
||||
(cherry picked from commit f574eda48740ad192f51e9a382a205e2ea0e60ad)
|
||||
---
|
||||
doc/admin/conf_files/krb5_conf.rst | 4 ++-
|
||||
src/util/profile/prof_parse.c | 56 +++++-------------------------
|
||||
2 files changed, 12 insertions(+), 48 deletions(-)
|
||||
|
||||
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
|
||||
index 2574e5c26..ce545492d 100644
|
||||
--- a/doc/admin/conf_files/krb5_conf.rst
|
||||
+++ b/doc/admin/conf_files/krb5_conf.rst
|
||||
@@ -60,7 +60,9 @@ alphanumeric characters, dashes, or underscores. Starting in release
|
||||
1.15, files with names ending in ".conf" are also included, unless the
|
||||
name begins with ".". Included profile files are syntactically
|
||||
independent of their parents, so each included file must begin with a
|
||||
-section header.
|
||||
+section header. Starting in release 1.17, files are read in
|
||||
+alphanumeric order; in previous releases, they may be read in any
|
||||
+order.
|
||||
|
||||
The krb5.conf file can specify that configuration should be obtained
|
||||
from a loadable module, rather than the file itself, using the
|
||||
diff --git a/src/util/profile/prof_parse.c b/src/util/profile/prof_parse.c
|
||||
index 1baceea9e..531e4a099 100644
|
||||
--- a/src/util/profile/prof_parse.c
|
||||
+++ b/src/util/profile/prof_parse.c
|
||||
@@ -246,59 +246,22 @@ static int valid_name(const char *filename)
|
||||
* Include files within dirname. Only files with names ending in ".conf", or
|
||||
* consisting entirely of alphanumeric characters, dashes, and underscores are
|
||||
* included. This restriction avoids including editor backup files, .rpmsave
|
||||
- * files, and the like.
|
||||
+ * files, and the like. Files are processed in alphanumeric order.
|
||||
*/
|
||||
static errcode_t parse_include_dir(const char *dirname,
|
||||
struct profile_node *root_section)
|
||||
{
|
||||
-#ifdef _WIN32
|
||||
- char *wildcard = NULL, *pathname;
|
||||
- WIN32_FIND_DATA ffd;
|
||||
- HANDLE handle;
|
||||
errcode_t retval = 0;
|
||||
+ char **fnames, *pathname;
|
||||
+ int i;
|
||||
|
||||
- if (asprintf(&wildcard, "%s\\*", dirname) < 0)
|
||||
- return ENOMEM;
|
||||
-
|
||||
- handle = FindFirstFile(wildcard, &ffd);
|
||||
- if (handle == INVALID_HANDLE_VALUE) {
|
||||
- retval = PROF_FAIL_INCLUDE_DIR;
|
||||
- goto cleanup;
|
||||
- }
|
||||
-
|
||||
- do {
|
||||
- if (!valid_name(ffd.cFileName))
|
||||
- continue;
|
||||
- if (asprintf(&pathname, "%s\\%s", dirname, ffd.cFileName) < 0) {
|
||||
- retval = ENOMEM;
|
||||
- break;
|
||||
- }
|
||||
- retval = parse_include_file(pathname, root_section);
|
||||
- free(pathname);
|
||||
- if (retval)
|
||||
- break;
|
||||
- } while (FindNextFile(handle, &ffd) != 0);
|
||||
-
|
||||
- FindClose(handle);
|
||||
-
|
||||
-cleanup:
|
||||
- free(wildcard);
|
||||
- return retval;
|
||||
-
|
||||
-#else /* not _WIN32 */
|
||||
-
|
||||
- DIR *dir;
|
||||
- char *pathname;
|
||||
- errcode_t retval = 0;
|
||||
- struct dirent *ent;
|
||||
-
|
||||
- dir = opendir(dirname);
|
||||
- if (dir == NULL)
|
||||
+ if (k5_dir_filenames(dirname, &fnames) != 0)
|
||||
return PROF_FAIL_INCLUDE_DIR;
|
||||
- while ((ent = readdir(dir)) != NULL) {
|
||||
- if (!valid_name(ent->d_name))
|
||||
+
|
||||
+ for (i = 0; fnames != NULL && fnames[i] != NULL; i++) {
|
||||
+ if (!valid_name(fnames[i]))
|
||||
continue;
|
||||
- if (asprintf(&pathname, "%s/%s", dirname, ent->d_name) < 0) {
|
||||
+ if (asprintf(&pathname, "%s/%s", dirname, fnames[i]) < 0) {
|
||||
retval = ENOMEM;
|
||||
break;
|
||||
}
|
||||
@@ -307,9 +270,8 @@ cleanup:
|
||||
if (retval)
|
||||
break;
|
||||
}
|
||||
- closedir(dir);
|
||||
+ k5_free_filenames(fnames);
|
||||
return retval;
|
||||
-#endif /* not _WIN32 */
|
||||
}
|
||||
|
||||
static errcode_t parse_line(char *line, struct parse_state *state,
|
@ -1,4 +1,4 @@
|
||||
From 276ecd7ba513ce0bfe5e51d6368e00476041a5b4 Mon Sep 17 00:00:00 2001
|
||||
From 7c59b7ee063489a4259c34b725728fee7e411c46 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 21 Dec 2017 11:28:52 -0500
|
||||
Subject: [PATCH] Refactor KDC krb5_pa_data utility functions
|
||||
|
@ -1,4 +1,4 @@
|
||||
From bf6ffd35be7325db3447fec9bf95b626f43b6734 Mon Sep 17 00:00:00 2001
|
||||
From 83da5675551dba13fee837adc26ce885a061dbc1 Mon Sep 17 00:00:00 2001
|
||||
From: Robbie Harwood <rharwood@redhat.com>
|
||||
Date: Thu, 3 May 2018 14:40:45 -0400
|
||||
Subject: [PATCH] Remove "-nodes" option from make-certs scripts
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 177cb167cfc151a1f58fb3e771cd29d0598f462f Mon Sep 17 00:00:00 2001
|
||||
From 3b3e31316ae247e18ea22293dffbc8f604338fa7 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sat, 17 Mar 2018 22:47:34 -0400
|
||||
Subject: [PATCH] Report extended errors in kinit -k -t KDB:
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 1e423ec03dbd65845a4aeb8999d130d3d6a0cdd7 Mon Sep 17 00:00:00 2001
|
||||
From 70f41a8dafaadfb43aba4918564c22460f812dca Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Thu, 5 Apr 2018 16:23:34 -0400
|
||||
Subject: [PATCH] Restrict pre-authentication fallback cases
|
||||
|
@ -1,4 +1,4 @@
|
||||
From bd2f01d99b623be070c8bc8d660ca92c337147ae Mon Sep 17 00:00:00 2001
|
||||
From 65f078dfc68f5680e87e686a59970291b64ebd95 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Sun, 11 Feb 2018 15:23:35 -0500
|
||||
Subject: [PATCH] Simplify kdc_preauth.c systems table
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 0c2324e3f88f5ba3dbe7c9053017549f13e1f995 Mon Sep 17 00:00:00 2001
|
||||
From c5df16a88027d7f9b6eb53b1c3fa949d6538616b Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 26 Mar 2018 11:24:49 -0400
|
||||
Subject: [PATCH] Use k5_buf_init_dynamic_zap where appropriate
|
||||
|
@ -1,4 +1,4 @@
|
||||
From c7677e91fb406c7ec55cb115155ed0d4c5943b72 Mon Sep 17 00:00:00 2001
|
||||
From 19109505ad04efdfd70df3ee922e22bcf5a294f3 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Mon, 19 Feb 2018 00:52:35 -0500
|
||||
Subject: [PATCH] Use libkrb5support hex functions where appropriate
|
||||
|
@ -1,4 +1,4 @@
|
||||
From 6f02200464dd484641639f2cb38b775d34af4bcd Mon Sep 17 00:00:00 2001
|
||||
From 5d970e16e768a134e65ee7cf367b8f34a80e0980 Mon Sep 17 00:00:00 2001
|
||||
From: Greg Hudson <ghudson@mit.edu>
|
||||
Date: Tue, 27 Mar 2018 15:42:28 -0400
|
||||
Subject: [PATCH] Zap data when freeing krb5_spake_factor
|
||||
|
@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
|
||||
Name: krb5
|
||||
Version: 1.16.1
|
||||
# for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
|
||||
# lookaside-cached sources; two downloads and a build artifact
|
||||
Source0: https://web.mit.edu/kerberos/dist/krb5/1.16/krb5-%{version}%{prerelease}.tar.gz
|
||||
@ -60,7 +60,6 @@ Patch33: krb5-1.13-dirsrv-accountlock.patch
|
||||
Patch34: krb5-1.9-debuginfo.patch
|
||||
Patch35: krb5-1.11-run_user_0.patch
|
||||
Patch36: krb5-1.11-kpasswdtest.patch
|
||||
Patch37: Process-included-directories-in-alphabetical-order.patch
|
||||
Patch40: Fix-hex-conversion-of-PKINIT-certid-strings.patch
|
||||
Patch41: Exit-with-status-0-from-kadmind.patch
|
||||
Patch42: Include-etype-info-in-for-hardware-preauth-hints.patch
|
||||
@ -89,6 +88,8 @@ Patch68: Restrict-pre-authentication-fallback-cases.patch
|
||||
Patch69: Remove-nodes-option-from-make-certs-scripts.patch
|
||||
Patch70: Fix-segfault-in-finish_dispatch.patch
|
||||
Patch71: Log-when-non-root-ksu-authorization-fails.patch
|
||||
Patch72: Add-k5_dir_filenames-to-libkrb5support.patch
|
||||
Patch73: Process-profile-includedir-in-sorted-order.patch
|
||||
|
||||
License: MIT
|
||||
URL: http://web.mit.edu/kerberos/www/
|
||||
@ -740,6 +741,9 @@ exit 0
|
||||
%{_libdir}/libkadm5srv_mit.so.*
|
||||
|
||||
%changelog
|
||||
* Thu Jun 07 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-4
|
||||
- Update includedir processing to match upstream
|
||||
|
||||
* Fri Jun 01 2018 Robbie Harwood <rharwood@redhat.com> - 1.16.1-3
|
||||
- Log when non-root ksu authorization fails
|
||||
- Resolves: #1575771
|
||||
|
Loading…
Reference in New Issue
Block a user