summaryrefslogtreecommitdiffstats
path: root/src/lib
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix a memory leak in get_creds.c's try_fallback_realm()Greg Hudson2010-04-211-1/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23920 dc483132-0cff-0310-8789-dd5450dbe970
* Amend r23917 to correct some uses of *out_creds which should now useGreg Hudson2010-04-211-3/+2
| | | | | | the local variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23918 dc483132-0cff-0310-8789-dd5450dbe970
* In the get_credentials() helper of the gss-krb5 init_sec_context code,Greg Hudson2010-04-211-2/+8
| | | | | | ensure that *out_creds is only filled in on successful return. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23917 dc483132-0cff-0310-8789-dd5450dbe970
* When setting up to get a TGT for the service realm in the TGS code,Greg Hudson2010-04-201-5/+5
| | | | | | | | | | | | get the cached local TGT before setting up the realm path. Prior to this change, calling krb5_get_credentials() with an empty ccache would result in KRB5_CC_NOTFOUND for a foreign server principal, but would result in KRB5_NO_TKT_IN_REALM (generated by krb5_walk_realm_tree) for a local server principal. With this change, KRB5_CC_NOTFOUND is returned in both cases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23909 dc483132-0cff-0310-8789-dd5450dbe970
* Add KRB5_INIT_CREDS_STEP_FLAG_CONTINUE for parity with Heimdal.Greg Hudson2010-04-203-14/+11
| | | | | | | | Rename KRB5_TKT_CREDS_CONTINUE to KRB5_TKT_CREDS_STEP_FLAG_CONTINUE for consistency. Adjust init_creds context to be less confusing in light of the above. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23906 dc483132-0cff-0310-8789-dd5450dbe970
* Introduce new krb5_tkt_creds APIGreg Hudson2010-04-145-1486/+1110
| | | | | | | | | | | | Merged from branches/iakerb: add new asynchronous krb5_tkt_creds APIs, which allow a caller to take responsibility for transporting requests to the KDC and getting responses back. Rewrite the existing krb5_get_credentials API in terms of the new functions. Get rid of krb5_get_cred_from_kdc and friends, since they are no longer used. ticket: 6700 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23900 dc483132-0cff-0310-8789-dd5450dbe970
* Validate and renew should work on non-TGT credsGreg Hudson2010-04-133-151/+197
| | | | | | | | | | | | | The validate and renew APIs were using get_cred_from_kdc, which always presents a TGT to get credentials. Instead, they should present the ticket they are trying to validate or renew. This is most easily done with krb5_get_cred_via_tkt(). Move the relevant code into a new file since it now has nothing in common with the other APIs implemented in get_creds.c. ticket: 6699 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23891 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5int_send_tgs(); it is unused as of r23358Greg Hudson2010-04-083-90/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23881 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_cc_dup() to make it possible to copy ccache handlesGreg Hudson2010-04-081-0/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23874 dc483132-0cff-0310-8789-dd5450dbe970
* Fix backwards flag output in krb5_init_creds_step()Greg Hudson2010-03-291-2/+2
| | | | | | | | | | | | krb5_init_creds_step() is taken from Heimdal, which sets *flags to 1 for "continue" and 0 for "stop". Unfortunately, we got it backwards in 1.8; fix it for 1.8.1. ticket: 6693 tags: pullup target_version: 1.8.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23844 dc483132-0cff-0310-8789-dd5450dbe970
* In gc_frm_kdc.c, rename cur_kdc to cur_realm and nxt_kdc to nxt_realm,Greg Hudson2010-03-261-67/+70
| | | | | | | | | | to make it easier to distinguish them from cur_tgt and nxt_tgt. Make similar name changes to lst_kdc and kdc_list, as well as the function find_nxt_kdc(). No functional changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23837 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to not use freed memory inTom Yu2010-03-231-1/+2
| | | | | | | | | | gss_import_sec_context in some error paths. ticket: 6678 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23834 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGOTom Yu2010-03-231-22/+16
| | | | | | | | | | | The SPNEGO implementation in krb5-1.7 and later could crash due to assertion failure when receiving some sorts of invalid GSS-API tokens. ticket: 6690 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23832 dc483132-0cff-0310-8789-dd5450dbe970
* Include int-proto.h in mk_req_ext.c for krb5int_validate_timesGreg Hudson2010-03-181-0/+1
| | | | | | declaration. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23818 dc483132-0cff-0310-8789-dd5450dbe970
* When checking for KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT, don'tGreg Hudson2010-03-171-1/+1
| | | | | | | | | | dereference options if it's NULL. ticket: 6681 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23815 dc483132-0cff-0310-8789-dd5450dbe970
* Merge users/raeburn/branches/network-mergeKen Raeburn2010-03-174-6/+2016
| | | | | | | | | | Re-integrates the forked versions of network.c in kdc and kadmin/server. Server-specific initialization and SIGHUP-reset code is moved into other source files; the more generic network-servicing code is merged and moved into apputils library already used by both programs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23811 dc483132-0cff-0310-8789-dd5450dbe970
* Lazy history key creationGreg Hudson2010-03-112-60/+37
| | | | | | | | | | | Create kadmin/history lazily when we need it (i.e. when a password is changed on a principal with a policy) instead of whenever we open the database. Allows kadmin.local to be used as a read-only tool on non- kadmin-conformant database back ends such as the Samba bridge. ticket: 6679 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23799 dc483132-0cff-0310-8789-dd5450dbe970
* Use KRB5_CONF_ macros instead of strings in the source file for profile ↵Zhanna Tsitkov2010-03-101-3/+3
| | | | | | config attributes "default" and "logging" git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23798 dc483132-0cff-0310-8789-dd5450dbe970
* Release the internal_name field of a SPNEGO context if it has not beenGreg Hudson2010-03-051-0/+3
| | | | | | | | | | claimed for a caller argument. ticket: 6674 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23772 dc483132-0cff-0310-8789-dd5450dbe970
* Add IPv6 support to changepw.c (reverting r21004 since it is no longerGreg Hudson2010-03-051-7/+26
| | | | | | | | | | necessary). Patch from Submit Bose <sbose@redhat.com>. ticket: 6661 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23767 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some more test suite cruft:Greg Hudson2010-02-281-7/+2
| | | | | | | | | | | | | * localhostname from get_hostname was unused. * database_name is no longer used except (misleadingly) in kdb5_util output. * admin_database_name and admin_database_lockfile are no longer used. * default_domain is only used for v4->v5 principal conversion, which isn't tested. * libkadm5's init-v2.exp had a copy of get_hostname; domain and localhostname from it were unused. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23759 dc483132-0cff-0310-8789-dd5450dbe970
* Two problems in kadm5_get_principal mask handlingGreg Hudson2010-02-241-6/+8
| | | | | | | | | | | | KADM5_MOD_NAME was being applied to entry->principal instead of entry->mod_name. KADM5_MKVNO was not being applied to entry->mkvno. Patch from Marcus Watts <mdw@umich.edu>. ticket: 6668 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23749 dc483132-0cff-0310-8789-dd5450dbe970
* Explain the current SPNEGO initiator/acceptor design in comments. NoGreg Hudson2010-02-221-11/+66
| | | | | | code changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23743 dc483132-0cff-0310-8789-dd5450dbe970
* Fix two unrelated problems in SPNEGO which don't crop up with the krb5Greg Hudson2010-02-221-10/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | mechanism. 1. The third call to spnego_init_accept_context uses faulty logic to determine if the exchange is complete, preventing a third mech token from being sent to the acceptor if no MIC exchange is required. Follow the logic used in the second call (in init_ctx_nego), which is correct. 2. If the acceptor selects a mech other than the optimistic mech, it sets sc->mic_reqd to 1 whether or not the selected mech supports MICs (which isn't known until the mech completes). Most code outside of handle_mic checks sc->mic_reqd along with (sc->ctx_flags & GSS_C_INTEG_FLAG), but the code in acc_ctx_call_acc neglected to do so, so it could improperly delegate responsibility for deciding when the negotiation was finished to handle_mic--which never gets called if (sc->ctx_flags & GSS_C_INTEG_FLAG) is false. Fix acc_ctx_call_acc to check sc->ctx_flags so that mechs which don't support integrity protection can complete if they are selected non-optimistically. ticket: 6603 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23742 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-02-201-0/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23740 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cipher state chaining in OpenSSL back endGreg Hudson2010-02-183-61/+90
| | | | | | | | | | | | | | | | | | | | Make cipher state chaining work in the OpenSSL back end for des, des3, and arcfour enc providers. Subtleties: * DES and DES3 have checks to avoid clobbering ivec with uninitialized data if there is no data to encrypt. * Arcfour saves the OpenSSL cipher context across calls. To protect against a caller improperly copying the state (which happens to work with other enc providers), a loopback pointer is used, as in GSSAPI. * EVP_EncryptFinal_ex is unnecessary with stream ciphers and would interfere with cipher state chaining if it did anything, so just remove it. ticket: 6665 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23734 dc483132-0cff-0310-8789-dd5450dbe970
* Add display statements for the encrypted tokens generated by t_encryptGreg Hudson2010-02-171-0/+24
| | | | | | so that its output can be compared between different back ends. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23733 dc483132-0cff-0310-8789-dd5450dbe970
* Remove another remnant of krb4Ken Raeburn2010-02-151-86/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23723 dc483132-0cff-0310-8789-dd5450dbe970
* Clarify the SPNEGO NegHints code and plug two cases where half-createdGreg Hudson2010-02-131-25/+19
| | | | | | context could be leaked. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23722 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify the SPNEGO neg_mechs intersection logic a bit usingGreg Hudson2010-02-121-7/+6
| | | | | | gss_test_oid_set_member. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23717 dc483132-0cff-0310-8789-dd5450dbe970
* Minimal support for updating history keyGreg Hudson2010-02-115-131/+113
| | | | | | | | | | | | | | | | | | Add minimal support for re-randomizing the history key: * cpw -randkey kadmin/history now works, but creates only one key. * cpw -randkey -keepold kadmin/history still fails. * libkadm5 no longer caches the history key. Performance impact is minimal since password changes are not common. * randkey no longer checks the newly randomized key against old keys, and the disabled code to do so in setkey/setv4key is gone, so now only kadm5_chpass_principal_3 accesses the password history. ticket: 6660 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23716 dc483132-0cff-0310-8789-dd5450dbe970
* Implement gss_set_neg_mechsGreg Hudson2010-02-109-81/+301
| | | | | | | | | | | | | | | | | Implement gss_set_neg_mechs in SPNEGO by intersecting the provided mech set with the mechanisms available in the union credential. As we now need space to hold the mech set, the SPNEGO credential is now a structure and not just a mechglue credential. t_spnego.c is a test program which exercises the new logic. Like the other GSSAPI tests, it is not run as part of "make check" at this time. ticket: 6658 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23715 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_fast_free_state segfaults if state is nullSam Hartman2010-02-091-0/+2
| | | | | | | | | | | | | krb5int_fast_free_state fails if state is null. INstead it should simply return Reorganization of the get_init_creds logic has created situations where the init_creds loop can fail between the time when the context is initialized and the fast state is initialized. ticket: 6657 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23713 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to handle the case where a mechanismTom Yu2010-02-051-2/+10
| | | | | | | | | | | implements set_cred_option but does not implement the requested option. ticket: 6601 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23698 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to avoid segfault if a mechTom Yu2010-02-051-0/+5
| | | | | | | | | | gss_inquire_context returns GSS_C_NO_NAME for the target name. ticket: 6600 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23696 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to return a comparable static OID objectTom Yu2010-02-051-0/+3
| | | | | | | | | | | instead of the application-passed (probably dynamically allocated) OID, to avoid use-after-free problems. ticket: 6598 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23695 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up error handling in krb5int_make_tgs_request_ext, closing someGreg Hudson2010-02-021-60/+41
| | | | | | unlikely memory leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23682 dc483132-0cff-0310-8789-dd5450dbe970
* set_default_enctype_var should filter not reject weak enctypesTom Yu2010-02-012-32/+105
| | | | | | | | | | | | | | | | | | With allow_weak_crypto=false, set_default_enctype_var() (helper function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any application-provided enctype list that contained any weak enctype even when valid strong enctypes were present. This broke some Samba things. Filter the weak enctypes instead. Add test cases. Reported to Debian by Holger Isenberg. (Debian bug #566977) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977 Thanks to Simo Sorce for testing. ticket: 6653 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23681 dc483132-0cff-0310-8789-dd5450dbe970
* Make decryption of master key list more robustGreg Hudson2010-01-291-37/+13
| | | | | | | | | | | | | | | | | krb5_def_fetch_mkey_list was incorrectly filtering mkey_aux entries when searching the list for an entry which can be decrypted with the stashed master key. This bug was masked in most cases by the mkvno heuristic. Remove the mkvno heuristic, since performance is not an issue for this rarely-performed operation, and remove the incorrect enctype comparison in the brute-force search. ticket: 6652 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23677 dc483132-0cff-0310-8789-dd5450dbe970
* Handle migration from pre-1.7 databases with master key kvno != 1Greg Hudson2010-01-283-3/+37
| | | | | | | | | | | | | | | | | | | | krb5_dbe_lookup_mkvno assumes an mkvno of 1 for entries with no explicit tl_data. We've seen at least one pre-1.7 KDB with a master kvno of 0, violating this assumption. Fix this as follows: * krb5_dbe_lookup_mkvno outputs 0 instead of 1 if no tl_data exists. * A new function krb5_dbe_get_mkvno translates this 0 value to the minimum version number in the mkey_list. (krb5_dbe_lookup_mkvno cannot do this as it doesn't take the mkey_list as a parameter.) * Call sites to krb5_dbe_lookup_mkvno are converted to krb5_dbe_get_mkvno, except for an LDAP case where it is acceptable to store 0 if the mkvno is unknown. ticket: 6650 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23676 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of kdb_ext.h and allow out-of-tree KDB pluginsGreg Hudson2010-01-275-41/+86
| | | | | | | | | | | | | Move the contents of kdb_ext.h into kdb.h, since there is no meaningful "extensions" category of DB interfaces now that this stuff is in our tree. Allows out-of-tree KDB plugins to be built since we install kdb.h. ticket: 6649 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23674 dc483132-0cff-0310-8789-dd5450dbe970
* define MIN() in lib/gssapi/krb5/prf.cTom Yu2010-01-261-0/+4
| | | | | | | | | | | | Apply patch from Doug Engert to define MIN(), which was causing prf.c to fail compilation on Solaris. (The definition was probably leaking from sys/param.h, included indirectly somehow.) ticket: 6648 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23673 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to plug a memory leakTom Yu2010-01-261-1/+3
| | | | | | | | ticket: 6599 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23672 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_allow_weak_crypto APIGreg Hudson2010-01-193-0/+40
| | | | | | | | | | | | Add an API to allow apps to override the profile setting of allow_weak_crypto, so that aklog can work with krb5 1.8 out of the box until OpenAFS finishes migrating away from DES. ticket: 6645 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23663 dc483132-0cff-0310-8789-dd5450dbe970
* Change basename of libkadm5 libraries to avoid Heimdal conflictGreg Hudson2010-01-194-2/+12
| | | | | | ticket: 6644 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23662 dc483132-0cff-0310-8789-dd5450dbe970
* Make history key exempt from permitted_enctypesGreg Hudson2010-01-141-7/+7
| | | | | | | | | | | | In kdb_init_hist, just use the first key entry in the kadmin/history entry. This makes the history key work even if the enctype is disallowed by allow_weak_crypto=false or other configuration. ticket: 6640 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23657 dc483132-0cff-0310-8789-dd5450dbe970
* Add test program for decryption of overly short buffersGreg Hudson2010-01-122-2/+135
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23652 dc483132-0cff-0310-8789-dd5450dbe970
* Use keyed checksum type for DES FASTGreg Hudson2010-01-121-0/+3
| | | | | | | | | | | | DES enctypes have unkeyed mandatory-to-implement checksums. Since FAST requires a keyed checksum, we must pick something else in that case. ticket: 6633 target_version: 1.7 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23629 dc483132-0cff-0310-8789-dd5450dbe970
* Group together the funtions related to the supplying options to preauth ↵Zhanna Tsitkov2010-01-114-125/+159
| | | | | | | | plugin modules. Also, removed krb5int_ prefix from the names of some static functions in gic_opt.c.s git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23625 dc483132-0cff-0310-8789-dd5450dbe970
* Move krb5_authdata_export_authdata into the separate file for better code ↵Zhanna Tsitkov2010-01-103-65/+99
| | | | | | modularity git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23623 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 08:55:05 +0000