summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix KDC heap corruption vuln [CVE-2012-1015]Tom Yu2012-08-011-0/+3
| | | | | | | | | | | | | | | | | | | | Fix KDC heap corruption vulnerability [MITKRB5-SA-2012-001 CVE-2012-1015]. The cleanup code in kdc_handle_protected_negotiation() in kdc_util.c could free an uninitialized pointer in some error conditions involving "similar" enctypes and a failure in krb5_c_make_checksum(). Additionally, adjust the handling of "similar" enctypes to avoid advertising enctypes that could lead to inadvertent triggering of this vulnerability (possibly in unpatched KDCs). Note that CVE-2012-1014 (also described in MITKRB5-SA-2012-001) only applies to the krb5-1.10 branch and doesn't affect the master branch or releases prior to krb5-1.10. ticket: 7225 (new) target_version: 1.9.5 tags: pullup
* Constify krb5_string_to_keysalts()'s string argNicolas Williams2012-07-303-12/+14
|
* Policy extensions + new policy: allowed ks typesNicolas Williams2012-07-3018-83/+504
| | | | | | | | | | | | | | | | | This simply adds KADM5_API_VERSION_4 and various fields to the policy structures: - attributes (policy-ish principal attributes) - max_life (max ticket life) - max_renewable_life (max ticket renewable life) - allowed_keysalts (allowed key/salt types) - TL data (future policy extensions) Of these only allowed_keysalts is currently implemented. Some refactoring of TL data handling is also done. ticket: 7223 (new)
* Minor fixes to expand_path.cGreg Hudson2012-07-251-35/+24
| | | | | | | Corrections to stuff noticed by kaduk: * Eliminate a space before paren in a call to free(). * Use %lu for unsigned long in format strings. * Simplify the tokens table definition.
* Support changing the built-in ccache/keytab namesGreg Hudson2012-07-244-12/+4
| | | | | | | | | | | | | | * Add DEFCCNAME, DEFKTNAME, and DEFCKTNAME configure variables to change the built-in ccache and keytab names. * Add krb5-config options to display the built-in ccache and keytab names. * In the default build, use krb5-config to discover the system's built-in ccache and keytab names and use them (if not overridden). This can be controlled with the --with-krb5-config=PATH or --without-krb5-config configure options. * Make the built-in ccache name subject to parameter expansion. ticket: 7221 (new)
* Add default_ccache_name profile variableGreg Hudson2012-07-241-1/+10
| | | | | | | Like default_keytab_name and default_client_keytab_name, default_ccache_name is subject to parameter expansion. ticket: 7220 (new)
* Rearrange ccdefname.c slightlyGreg Hudson2012-07-241-91/+53
| | | | | | | | Eliminate the USE_CCAPI variant of get_from_os() which was only used in KfM. Make get_from_os() allocate its result (wrapping the Windows implementation so it can continue to use a fixed-size buffer). Simplify krb5_cc_set_default_name() and krb5_cc_default_name(). Make some minor style adjustments.
* Add token expansion for keytab namesGreg Hudson2012-07-241-56/+44
| | | | | | | Make the default_keytab_name and default_client_keytab_name variables subject to parameter expansion. ticket: 7219 (new)
* Add internal path expansion functionsGreg Hudson2012-07-245-4/+577
| | | | | | | | Add an adapted version of Heimdal's expand_path.c, defining k5_expand_path_tokens() and k5_expand_path_tokens_extra(). These functions allow template paths like %{TEMP}/krb5cc_%{uid} to be resolved. Also add a test program to exercise the path expansion code.
* Implement credential store support in spnegoSimo Sorce2012-07-202-15/+55
|
* Implement credential store support for krb5 mechSimo Sorce2012-07-206-27/+263
|
* Introduce credential store extensionsSimo Sorce2012-07-205-32/+269
| | | | | | | | | Add new APIs gss_acquire_cred_from, gss_add_cred_from, and gss_store_cred_into, which take additional argments to specify the location of the credential storage using a key-value map, where keys are interpreted by the mechanisms. ticket: 7217 (new)
* Use internal release function in oid_ops.cSimo Sorce2012-07-181-1/+1
| | | | | In the end the internal one is called in all cases, but it seem cleaner to use the internal one instead of relying on the redirection.
* In g_oid_ops.c, remove an unneeded declarationSimo Sorce2012-07-181-3/+0
| | | | The code that used it is no longer in this file.
* krb5_stdccv3_get_principal error handling fixupKevin Wasserman2012-07-161-1/+3
| | | | | | | | | Don't treat an error returned by krb5_parse_name as a cc-internal error. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7214 (new) tags: pullup
* fix leak in cc_mslsa.cKevin Wasserman2012-07-161-0/+2
| | | | | | | | cc_name needs to be freed in krb5_lcc_close(). Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7213
* Fix macro redefinition warnings in cc_mslsa.cKevin Wasserman2012-07-161-1/+2
| | | | | | | | Include ntstatus.h and define WIN32_NO_STATUS before including winnt.h Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7213
* Implement cccol iterators for mslsaKevin Wasserman2012-07-161-7/+61
| | | | | | | | | Also implement switch_to stub Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7213 (new) tags: pullup
* MSLSA Don't use lstrcpy on ANSI stringsKevin Wasserman2012-07-161-11/+3
| | | | | | | | | Also change parameter types to eliminate casts. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7212 (new) tags: pullup
* define USE_HEAPALLOC in gssapi_alloc.hKevin Wasserman2012-07-161-4/+7
| | | | | | | | Easier to disable for testing. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7211 (new)
* Build lib/krb5/ccache/ccapi on Windows onlyKevin Wasserman2012-07-161-0/+1
| | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7209
* Define USE_CCAPI_V3 in krb5/ccache on windowsKevin Wasserman2012-07-162-1/+1
| | | | | | | | | USE_CCAPI_V3 provides cccol iteration support for ccapi. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7209 (new) tags: pullup
* __func__ -> __FUNCTION__ in disp_status.cKevin Wasserman2012-07-161-4/+4
| | | | | | | | | For MSVC compatibility Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7208 (new) tags: pullup
* Don't use syslog / LOG_DEBUG when they don't existKevin Wasserman2012-07-161-1/+1
| | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7207 (new) tags: pullup
* Rename 'free' -> 'free_func' in asn1_encode.c/.hKevin Wasserman2012-07-162-3/+3
| | | | | | | | | MSVC memory tracking tools do '#define free(p) _dbg_free(...)'. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7205 (new) tags: pullup
* kfw add preauth_sam2 to OBJS for windows buildKevin Wasserman2012-07-161-0/+1
| | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7203 (new) tags: pullup
* Fix error handling in allocate_princ()Greg Hudson2012-07-131-2/+4
| | | | | The most recent change could leak memory when trying to parse an invalid principal because of a failure to use the cleanup handler.
* Replace // comment in ccdefname.cGreg Hudson2012-07-131-1/+1
|
* Add krb5int_cc_user_set_default_nameKevin Wasserman2012-07-112-4/+55
| | | | | | | | | | | | | Set the default credential cache name for all processes for the current user. Currently implemented, for windows only, by setting HKEY_CURRENT_USER\Software\MIT\Kerberos5:ccname to the specified ccache name. This will not override the environment variable 'KRB5CCNAME'. It will override HKEY_LOCAL_MACHINE and 'indirect' registry values. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7199 (new) tags: pullup
* Implement switch_to for ccapiv3Kevin Wasserman2012-07-112-0/+27
| | | | | | | | | | | krb5_stdccv3_switch_to() calls cc_ccache_set_default(). krb5_stdccv3_resolve() checks for NULL or empty residual and calls cc_context_get_default_ccache_name() in those cases. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7198 (new) tags: pullup
* Automatically create DIR ccache directoriesGreg Hudson2012-07-112-2/+3
| | | | | | | | If the directory for a DIR ccache doesn't exist yet, try to create it (but not its parents) with mode 700. Exercise this in test scripts by not pre-creating directories. ticket: 7196 (new)
* Avoid mapping GSSAPI minor code on successGreg Hudson2012-07-081-1/+2
| | | | | | | | | In gssint_import_internal_name, don't map the minor code from mech->gss_duplicate_name if it returned successfully. Fixes an "unexpected non-zero minor status" error reported by SAP's gsstest when it invokes gss_canonicalize_name(). ticket: 7194 (new)
* Reject extra realm separators in principal namesGreg Hudson2012-07-081-0/+2
| | | | | | Commit f609e5caff410cc8f71db7d95b4da219541437db accidentally omitted the check for extra realm separators, leading to an assertion error when parsing x@y@z or similar. Restore the check.
* Remove dead codeBen Kaduk2012-07-051-11/+0
| | | | | This (hair-raising) macro is not referenced anywhere in the tree, so remove it and the associated comment.
* Fix typo in previous change to get_fq_hostnameTom Yu2012-07-031-1/+1
| | | | ticket: 7086
* Fix a minor memory leak in get_fq_hostnameArlene Berry2012-07-031-1/+3
| | | | ticket: 7086
* Take care with types in process_routing_update()Ben Kaduk2012-07-031-8/+11
| | | | | | | read(2) returns an ssize_t, not an int. We want to compare this value against several unsigned size_ts, so make a local copy. Also cast to int for printing; size_t can be wider than int, but these values should be small.
* Use consistent types for overflow comparisonBen Kaduk2012-07-031-1/+1
| | | | | | Unsigned long might not be 32-bits, in which case the overflow check fails for a 32-bit kdb_sno_t. Cast from -1 explicitly as a more robust check.
* Avoid unsigned/signed comparison in loop conditionBen Kaduk2012-07-031-2/+1
| | | | | | | The gid_len length is declared as an unsigned int, and loop index 'i' is a signed int. This could manifest as an infinite loop if gid_len is very large. In practice, gid_len should be small, but make 'i' the same type for consistency.
* Improve printf handling of size_t argsBen Kaduk2012-07-021-3/+4
| | | | | | | | | | | | | | | The %*s format takes two arguments, a precision length/width and an actual string; the length is specified as a signed integer. The size_t length field of the gss_buffer_desc type is an unsigned type, which must be cast or otherwise converted to a signed type to match the format string expectations. I do not think that the length will approach SIZE_T_MAX in practice, due to buffer constraints, so do not include handling for the edge case. There is a '%zu' format string for printing size_ts, but it is not available everywhere (e.g., AIX). Instead, use the unsigned long long abomination.
* Resolve no-previous-prototype warning in os/cm.cBen Kaduk2012-07-021-0/+1
| | | | | | | | | | | | | | | The warning is ../../../../krb5/src/lib/krb5/os/cm.c:43: warning: no previous prototype for 'k5 _getcurtime' which occurs because int k5_getcurtime(struct timeval *tvp) is defined (and used) in cm.c but there is no forward declaration. Include the os-proto.h (internal) header which declares this function to eliminate the warning. k5_getcurtime() is the first declaration in cm.c, so there is not an ABI concern. The only other consumer of k5_getcurtime(), sendto_kdc.c, already includes os-proto.h, so this issue is purely cosmetic.
* Add krb5_kt_client_default to krb5_32.defGreg Hudson2012-07-021-0/+1
|
* Comment fall-throughs in iakerb switch statementGreg Hudson2012-07-021-0/+2
|
* Fix minor memory leaks in acquire_cred.cGreg Hudson2012-07-021-4/+4
|
* Check sort_enctypes return value in gic_keytabGreg Hudson2012-07-021-2/+3
|
* Include all default etypes in gic_keytab requestsGreg Hudson2012-07-021-26/+30
| | | | | | | | | | | Revert 18b02f3e839c007fff54fc9b693f479b7563ec73 in the KDC. Instead, when making an initial request with a keytab, transmit the whole default_tkt_enctypes list, but sorted with the enctypes we have in the keytab first. That way the KDC should prefer enctypes which we have keys for (for both reply key and session key), but the other enctypes are still available for use as ticket session keys. ticket: 7190
* Add client keytab initiation supportGreg Hudson2012-07-026-223/+395
| | | | | | | | | Support acquiring GSSAPI krb5 credentials by fetching initial credentials using the client keytab. Credentials obtained this way will be stored in the default ccache or collection, and will be refreshed when they are halfway to expiring. ticket: 7189 (new)
* Add krb5_kt_client_default APIGreg Hudson2012-07-023-0/+48
| | | | | | | | | | | | | | | | The default client keytab is intended to be used to automatically acquire initial credentials for client applications. The current hardcoded default is a placeholder, and will likely change before 1.11. Add test framework settings to ensure that a system default client keytab doesn't interfere with tests, and to allow tests to be written to deliberately use the default client keytab. Add documentation about keytabs to the concepts section of the RST docs, and describe the default client keytab there. ticket: 7188 (new)
* Get default cred only once in gss-krb5 initiatorGreg Hudson2012-07-022-42/+41
| | | | | | | | | | In the regular krb5 code path, only get a default krb5 cred for the initial token, since we don't need the cred for mutual_auth anyway. In the IAKERB mechanism, cache the default cred in iakerb_ctx_id_rec so we don't have to construct it again for each token. Also, get an IAKERB default cred, not a regular krb5 cred (a bug which is harmless now, but becomes more of a problem with keytab initiation changes).
* Rename gss-krb5 cred tgt_expire fieldGreg Hudson2012-06-277-11/+11
| | | | | | | The tgt_expire field is used to store non-TGT expiry times in a couple of cases: when the ccache has no TGT, and after we've obtained a cred for the target service. Rename it to just "expire" to be less misleading.
generated by cgit (git 2.34.1) at 2025-09-27 20:01:28 +0000