| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Günther Deschner <gdeschner@redhat.com>
|
|
|
|
| |
Signed-off-by: Günther Deschner <gdeschner@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add tests for non-anonymous PKINIT:
* FILE: with no password
* FILE: with a password
* DIR: with no password
* DIR: with a password
* PKCS12: with no password
* PKCS12: with a password
* PKCS11: with a password, if soft-pkcs11.so is found via ctypes
[ghudson@mit.edu: reformatted to 79 columns; removed intermediate
success() calls]
|
|
|
|
| |
[ghudson@mit.edu: reformatted to limit lines to 79 columns]
|
|
|
|
|
|
|
|
| |
If the context's default ccache name is a subsidiary file of a
directory collection, include that single cache in the cursor walk
over the DIR type.
ticket: 7172
|
|
|
|
|
|
| |
The addition of the KRB5_PADATA_AS_CHECKSUM macro in d7d74867952f caused
the doxygen bridge to emit a new RST file. This file was not included in
the API reference toctree, causing a build failure in maintainer-mode.
|
|
|
|
|
| |
Mostly, based on
http://www.iana.org/assignments/kerberos-parameters/kerberos-parameters.xml
|
|
|
|
|
| |
Replace numeric value '132' by the macro KRB5_PADATA_AS_CHECKSUM
in preauth plugin.
|
|
|
|
|
|
|
|
|
|
|
|
| |
An RFC 6113 KrbFastReq contains a padata sequence and a KDC-REQ-BODY,
neither of which contain the msg-type field found in a KDC-REQ. So
when we decode the FAST request, the resulting krb5_kdc_req structure
has a msg_type of 0. Copy msg_type from the outer body, since we make
use of it in further KDC processing.
ticket: 7605 (new)
target_version: 1.11.3
tags: pullup
|
|
|
|
|
|
|
|
|
|
| |
Allow configuration to override the default dh_min_bits of 2048 to
1024. Disallow configuration of dh_min_bits < 1024, but continue to
default to 2048.
ticket: 7602
target_version: 1.11.3
tags: pullup
|
|
|
|
|
|
|
|
|
|
| |
Change pkinit_check_dh_params() to take two DH* parameters, and only
compare p and g, because q is fully determined by them and might be
missing.
Also refactor some parameter checks into check_dh_wellknown() that
were previously done separately in the pkinit_process_td_dh_params()
and server_check_dh().
|
|
|
|
|
|
|
|
|
| |
Some implementations don't send the required Q value in dh_params, so
allow it to be absent.
ticket: 7596
target_version: 1.11.3
tags: pullup
|
| |
|
|
|
|
|
| |
It's a lot of code, and trace logging should cover most of the cases
where it's useful.
|
|
|
|
|
|
|
|
|
|
|
| |
Wait ten seconds for a TCP connection to succeed or fail before moving
on. During this wait time, other TCP connections will be serviced if
we already initiated them, but no new TCP connections will be created
and no UDP packets will be retransmitted.
[ghudson@mit.edu: minor adjustments; commit message]
ticket: 7604 (new)
|
|
|
|
|
|
|
|
|
|
| |
Replace the end_time field of struct select_state with an endtime
argument to cm_select_or_poll, expressed in milliseconds since the
epoch. Add a helper function to get the current time in that format.
Use a millisecond interval argument to service_fds for consistency.
[ghudson@mit.edu: fix overflow issue in get_curtime_ms; service_fds
interval argument change; log message]
|
|
|
|
|
|
|
|
|
|
|
| |
Since net-server.c now uses libverto, only sendto_kdc.c consumes cm.c.
Move stuff out of cm.c and cm.h into sendto_kdc.c and get rid of them.
Change the sendto_kdc callback (used by chpw.c) to receive the socket
descriptor instead of the entire conn_state structure, and move the
declarations into os-proto.h. struct remote_address also needs to be
in os-proto.h so that trace.c and t_trace.c can use it. k5_curtime
isn't needed since k5-platform.h now guarantees the presence of
gettimeofday().
|
|
|
|
|
|
|
| |
In struct conn_state, collect together the fields for the remote
address and put them in a substructure. Pass this substructure to
trace logging macros instead of the entire conn_state structure, so
that trace.c doesn't have to know about the whole structure.
|
|
|
|
| |
Avoid or notice truncations, rather than letting them happen silently.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Since krb5 1.3, krb5_get_host_realm (and therefore
krb5_sname_to_principal) has refused hostnames which appear to be
numeric addresses--with the exception of 1.6, which was ignoring
errors from clean_hostname. In specialized environments, it may be
desirable to use IP addresses in service principal names, and there's
no compelling reason for us to get in the way of that.
Move the numeric address check out of k5_clean_hostname into a new
helper function, and simply skip the domain-based mechanisms if it
returns true. Factor out the [domain_realm] search into a second new
helper function to make it easier to skip.
ticket: 7603 (new)
|
|
|
|
|
| |
Bring this file up to date with current coding style. No functional
changes, except some trace logs were removed.
|
|
|
|
|
|
|
|
| |
After k5memdup0 was slightly modified in
31124ffb81e8c0935403a9fdc169dead5ecaa777, some older versions of gcc
complain about outpos being possibly used before it is initialized.
This can't actually happen, but we can silence the error and also
simplify how outpos is initialized.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By a strict reading of the C standard, memcpy and memcmp have
undefined behavior if their pointer arguments aren't valid object
pointers, even if the length argument is 0. Compilers are becoming
more aggressive about breaking code with undefined behavior, so we
should try to avoid it when possible.
In a krb5_data object, we frequently use NULL as the data value when
the length is 0. Accordingly, we should avoid copying from or
comparing the data field of a length-0 krb5_data object. Add checks
to our wrapper functions (like data_eq and k5_memdup) and to code
which works with possibly-empty krb5_data objects. In a few places,
use wrapper functions to simplify the code rather than adding checks.
|
|
|
|
|
| |
For conciseness, directly use fields of krb5_principal objects instead
of using the accessor macros.
|
|
|
|
|
|
| |
Don't just build it.
ticket: 7601
|
|
|
|
| |
Also some other small changes and the copyright date range.
|
|
|
|
| |
Missed when converting the old nroff man pages.
|
|
|
|
| |
Otherwise they escape into the release tarball.
|
|
|
|
|
| |
Correctly check whether the next argument is NULL in the while loop
which parses store elements.
|
|
|
|
|
|
|
| |
Add an API to duplicate keytab handles, mirroring krb5_cc_dup. Use it
to simplify the krb5 GSS acquire_cred code.
ticket: 7599 (new)
|
|
|
|
|
|
|
|
| |
Modify t_credstore.c to be more flexible and adjust t_gssapi.py
accordingly. Add a test to t_client_keytab.py which acquire creds
using a programmatically specified client keytab.
ticket: 7598
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new credential store extensions added support for specifying a
specific ccache name and also a specific keytab to be used for accepting
security contexts, but did not add a way to specify a client keytab
to be used in conjunction with the Keytab initiation support added also
in 1.11
This patch introduces a new URN named client_keytab through which a
specific client_keytab can be set when calling gss_acquire_cred_from()
and Keytab Initiation will use that keytab to initialize credentials.
[ghudson@mit.edu: minor C style fix]
ticket: 7598 (new)
|
|
|
|
| |
Obtained from Debian.
|
| |
|
| |
|
|
|
|
|
| |
Get rid of unnecessary null checks before freeing values in
libkrb5support's plugin code.
|
| |
|
| |
|
|
|
|
|
|
| |
fclose() might overwrite the errno value from fprintf, causing us to
return success when we shouldn't. Record the errno value at the time
of the fprintf failure.
|
|
|
|
|
|
| |
There's no need to check whether the file exists and is readable
before opening it, and setting an extended error message which is just
strerror_r() of the errno value isn't useful.
|
|
|
|
|
|
| |
Use empty_data(), alloc_data(), and make_data() in some appropriate
places. This has the side effect of initializing the krb5_data magic
field, which can placate debugging tools.
|
|
|
|
|
|
| |
In krb5int_dk_cmac_encrypt, cksum wasn't used. In
krb5int_dk_cmac_decrypt, cksum needs to be initialized since we clean
it up.
|
|
|
|
| |
entry must be initialized before all code which can jump to cleanup.
|
|
|
|
|
| |
Initialize policy_dn in krb5_ldap_create_password_policy; free values
unconditionally in all ldap_pwd_policy.c cleanup handlers.
|
| |
|
|
|
|
|
| |
Initialize policy_dn since we clean it up. Also free it
unconditionally.
|
|
|
|
|
| |
For easier static analysis, make sure that krb5_decode_princ_entry
always sets *entry_ptr to a valid entry or NULL.
|
| |
|
|
|
|
|
| |
If we fail to allocate setptr, don't close ret, since we've already
done so.
|
|
|
|
|
| |
If we fail to get the client principal when constructing the
stack-allocated creds structure, don't double-free creds.server.
|