| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
Turn the last two entries of the pa_types table into helper functions
which we invoke before the loop. Then, get rid of the part of the
loop which consults the pa_types table.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25841 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25840 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Correctly set the name-type for the TGS principals to KRB5_NT_SRV_INST
in TGS-REQs. (Previously, only AS-REQs had the name-type set in this
way.) Windows Server 2008 R2 read-only domain controllers (RODCs)
insist on having the correct name-type for the TGS principal in
TGS-REQs as well as AS-REQs, at least for the TGT-forwarding case.
Thanks to Sebastian Galiano for reporting this bug and helping with
testing.
ticket: 7120
target_version: 1.10.2
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25839 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
The addition of afs3-salt processing in get_etype_info made it overly
large, so split out the pw-salt/afs3-salt processing into a separate
function. Also fix two dumb bugs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25838 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In krb5_init_creds_ctx and krb5_clpreauth_rock_st, use a boolean to
track whether we're still using the default salt instead of
overloading salt.length. In preauth2.c, process afs3 salt values like
we would in krb5int_des_string_to_key, and set an s2kparams indicator
instead of overloading salt.length. Also use an s2kparams indicator
in kdb_cpw.c's add_key_pwd. Remove the s2k code to handle overloaded
salt lengths, except for a sanity check.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25837 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Pull etype-info2, etype-info, pw-salt, and afs3-salt handling out of
the pa_types loop into a new helper function get_etype_info().
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25834 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
Use krb5int_copy_data_contents_add0 when copying a pa-pw-salt or
pa-afs3-salt value in pa_salt(). If it's an afs3-salt, we're going to
throw away the length and use strcspn in krb5int_des_string_to_key,
which isn't safe if the value is unterminated.
ticket: 2545
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25833 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Move the last real preauth mechanism, SAM-2, from the pa_types table
to a built-in module.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25831 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25830 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Although the kadmin client never generates a KADM5_POLICY_CLR mask bit
with addprinc, the bit will be set if a kadm5.acl line imposes the
-clearpolicy restriction. Relax the sanity checking in
kadm5_create_principal_3 to allow KADM5_POLICY_CLR as long as
KADM5_POLICY is not also set.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25827 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Very few Python tests need kadmind, so it makes more sense to have to
turn it on than to have to turn it off.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Initialize use_count fields in krb5_preauth_request_context_init,
which is invoked before each AS request. Previously they were
initialized only in krb5_init_preauth_context, which is only invoked
once per krb5 library context.
ticket: 7119
target_version: 1.10.2
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25822 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A database created prior to 1.3 will have multiple password history
keys, and kadmin prior to 1.8 won't necessarily choose the first one.
So if there are multiple keys, we have to try them all. If none of
the keys can decrypt a password history entry, don't fail the password
change operation; it's not worth it without positive evidence of
password reuse.
ticket: 7099
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25819 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
When getting initial credentials with a keytab, filter the list of
request enctypes based on the keys in the keytab.
Based on a patch from Stef Walter.
ticket: 2131
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25818 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
Use krb5_init_creds_set_keytab in krb5_get_init_creds_keytab, so that
processing added to the former will be used by the latter. This is
slightly awkward because of the way we do the use_master fallback, in
that we have to duplicate some of krb5int_get_init_creds.
Based on a patch from Stef Walter.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25817 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a clpreauth callback which gets the time of day using an offset
determined by the preauth-required error, and use it in encrypted
timestamp and encrypted challenge. This timestamp is not necessarily
authenticated, but the security consequences for those preauth mechs
are minor (and can be mitigated by turning off kdc_timesync on
clients).
Based on a patch from Stef Walter.
ticket: 7114
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25808 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
Reported by stefw@gnome.org.
ticket: 7112
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25803 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
When decoding an AS-REP enc part, we should accept app tags 26 (the
bogus one we generate) and 25 (the correct value). We were accepting
26 and 24. Bug report and fix by stefw@gnome.org.
ticket: 7111
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25802 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we check for password reuse, only compare keys with the most
recent kvno against history entries, or else we will always fail with
-keepold.
This bug primarily affects rollover of cross-realm TGT principals,
which typically use password-derived keys and may have an associated
password policy such as "default".
Bug report and candidate fix (taken with a slight modification) by
Nicolas Williams.
ticket: 7110
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25801 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
encountered while initializing krb5 library context
ticket: 7091
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25800 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
We shouldn't peer at trans->tr_contents.data[0] if
trans->tr_contents.length is 0, even if the data field is non-null.
Harmless as long as the ASN.1 decoder uses null data fields for empty
krb5_data values, but still wrong.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25797 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
In k5_asn1_decode_bytestring, just leave *str_out as NULL if len is 0,
instead of calling malloc(0) and possibly returning a spurious ENOMEM.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25796 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
* Bring formatting for gss_userok and gss_authorize_localname into
conformance.
* Bring parameter markup for gss_localname into conformance.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25790 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
ticket: 7107
gcc 4.6.2 reportedly finds some spurious maybe-uninitialized warnings.
Suppress them. Patch from Eray Aslan with some adjustment.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25783 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
r24314 (#6778) created a hybrid owernship model for the master key
list, with one virtual copy stored in the DAL handle and one provided
to the caller of krb5_db_fetch_mkey_list. Replace this with a model
where only the DAL handle owns the list, and a caller can get access
to an alias pointer with a new function krb5_db_mkey_list_alias().
Functions which previously accepted the master key list as an input
parameter now expect to find it in the DAL handle.
Patch by Will Fiveash <will.fiveash@oracle.com>.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25781 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
asserts may be compiled out with -DNDEBUG, so it's wrong to use an
assert expression with an important side effect.
(We also have scores of side-effecting asserts in test programs, but
those are less important and can be dealt with separately.)
ticket: 7105
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25760 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
The data-driven decoder for etype-info2 was neglecting to call
init_no_salt() when no salt is present in the encoding. Add in the
missing call. Also add decode test cases for etype-info2, which would
have caught this if they weren't missing.
ticket: 7100
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25744 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
Fix a cast to prvent signed/unsigned warning.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25735 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r24241 (#6755) introduced a bug where if the KDC sends a LastReq entry
containing an account expiry time, we send a prompter warning for
password expiry even if there was no entry containing a password
expiry time. Typically, this results in the message "Warning: Your
password will expire in less than one hour on Thu Jan 1 12:00:00
1970".
Fix this by explicitly checking for pw_exp == 0 in warn_pw_expiry()
after we've gotten past the conditional for invoking the callback.
ticket: 7098
target_version: 1.9.4
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25730 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
The admin keytab hasn't been needed or used by kadmind since 1.4
(except possibly by legacy admin daemons which we no longer ship).
Eliminate remaining references to it in code, test cases, and
documentation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25729 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The configure-time options to enable and disable IPv6 support have
been deprecated for some time, but the checks for OS support were
kept. This removes those checks, and unconditionally compiles in the
IPv6 support.
There was a configure-time test to see if the macro INET6 needed to be
defined in order to enable (visibility of) OS support for IPv6, which
was needed on an IRIX system we tested with. That check is retained,
but the revised code is untested on IRIX.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25719 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 7092
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25706 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25705 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
RFC 4120 defines the EncryptedData kvno field as an integer in the
range of unsigned 32-bit numbers. Windows encodes and decodes the
field as a signed 32-bit integer. Historically we do the same in our
encoder in 1.6 and prior, and in our decoder through 1.10. (Actually,
our decoder through 1.10 decoded the value as a long and then cast the
result to unsigned int, so it would accept positive values >= 2^31 on
64-bit platforms but not on 32-bit platforms.)
kvno values that large (or negative) are only likely to appear in the
context of Windows read-only domain controllers. So do what Windows
does instead of what RFC 4120 says.
ticket: 7092
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25703 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
An expression in decode_sequence_of was incorrectly parenthesized,
resulting in addition to a void pointer. Also avoid repeating the
expression.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25701 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
GSS functions which accept gss_buffer_t output arguments should
initialize those buffers to empty on startup (see gss_wrap, for
instance). Do so for gss_get_name_attribute in the mechglue.
ticket: 7089
target_version: 1.10.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25700 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
Since we're not yet at the point of having an ASN.1 compiler for our
ASN.1 encoder, create a document explaining how to write macro
invocations for type descriptors from an ASN.1 module.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25699 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Remove the length field of taginfo, and change the internal ASN.1
encoder interfaces to return length separately from tag info.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25698 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
r25695 left behind a dangling reference to the asn1_make object; get
rid of it.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25697 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25696 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Get rid of a whole bunch of ASN.1 decoder infrastructure now that
we're using the data-driven decoder for everything. Define taginfo in
asn1_encode.h since asn1_get.h is going away. Rewrite split_der() to
use get_tag() since it still had an unintended dependency on the
previous generation of decoder infrastructure.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25695 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
Create a special type to plug authdata types from authdata and make
krb5int_get_authdata_containee_types use it. Add a test case for it
as well. Move krb5_decode_ticket (a trivial wrapper) into
asn1_k_encode.c so that krb5_decode.c is empty.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25694 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a general ASN.1 decoder implementation in asn1_encode.c using the
same data structures as the encoder (augmented where necessary), and
use it to define decoder functions in asn1_k_encode.c. Add a boolean
type to atype_info, as it is needed for the pa_pac_req decoder. For
the moment, just #if out the old decoder functions; they and their
support code can be cleaned up later after a a few remaining utility
functions are addressed.
Changes to encoder and decoder interfaces are minimized, but there are
two small ones. ldap_seqof_key_data has a kvno field added, and some
of the decoder logic is pushed up into the caller. The safe_with_body
decoder now outputs an allocated krb5_data * instead of a krb5_data
with aliases into the input buffer.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25693 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
Create a new atype_optional with a function pointer to decide whether
the type is present in the C object. For simple cases, sequences just
reference the optional version of a type. For more complex cases (such
as when the presence of the usec field of a sequence depends on whether
the timestamp is set), we define a predicate on the structure object
and nest the field type inside the optional type.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25692 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Make style changes in preparation for the table-driven decoder. No
functional changes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25691 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25690 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The PKINIT client code doesn't use decode_krb5_pa_pk_as_rep_draft9,
which is fortunate because it doesn't work (see issue #7072).
Instead, it passes both kinds of PKINIT replies through
decode_krb5_pa_pk_as_rep, then decodes the un-enveloped CMS data in
alternative 1 (encKeyPack) as either an RFC or draft9 ReplyKeyPack.
So, remove the unused broken pa_pk_as_rep_draft9 decoder.
For pa_pk_as_req_draft9, we only use two of the fields on encode and
only one of those on decode. So, get rid of the unused fields and
the krb5_trusted_ca structure, and reduce the encoder and decoder
sequences to the minimum necessary fields.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25689 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
asn1_make.c contained a variety of utility functions, most of which we
no longer needed. Fold make_tag into asn1_encode.c and get rid of
asn1_make.c and asn1_make.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25688 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
atype_primitive is used for only two types (KerberosTime and
KerberosFlags), which doesn't justify the machinery. Turn those types
into atype_fn types and get rid of atype_primitive.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25687 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Union fields always have an offset of 0 relative to the union base,
so we just need tag types for them, not DEFFIELDs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25686 dc483132-0cff-0310-8789-dd5450dbe970
|
