summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Windows leash64 fixes: use proper names for leash and krb5 dllsTom Yu2011-12-121-0/+6
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25545 dc483132-0cff-0310-8789-dd5450dbe970
* kfw installer: add runtime.wxi WIXINCLUDES in Makefile to fix dependenciesTom Yu2011-12-121-0/+1
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25544 dc483132-0cff-0310-8789-dd5450dbe970
* LeashView.cpp: only specify TVIF_TEXT if there is actually textTom Yu2011-12-121-1/+4
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25543 dc483132-0cff-0310-8789-dd5450dbe970
* windows ccapi: use a random challenge to authenticate ccapiserverTom Yu2011-12-121-2/+38
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25542 dc483132-0cff-0310-8789-dd5450dbe970
* windows ccapi: launch server without console by defaultTom Yu2011-12-121-5/+6
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25541 dc483132-0cff-0310-8789-dd5450dbe970
* Make ccapiserver exit if its receiveloop thread terminates for any reasonTom Yu2011-12-122-2/+10
| | | | | | | | | | This happens, for example, when the rpc endpoint is already registered by another ccapiserver process. There's no reason to leave a zombie process running that can't receive messages. ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25540 dc483132-0cff-0310-8789-dd5450dbe970
* fix warning in test_cc_credentials_iterator_next.cTom Yu2011-12-121-0/+1
| | | | | | | | include test_ccapi_iterators.h for check_cc_credentials_iterator_next ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25539 dc483132-0cff-0310-8789-dd5450dbe970
* windows ccapiserver: replace Sleep with event waitTom Yu2011-12-125-10/+52
| | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7050 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25538 dc483132-0cff-0310-8789-dd5450dbe970
* Corrected the name of KRB5_NT_SRV_HST macro. Added some doxygen commentsZhanna Tsitkov2011-12-121-30/+21
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25537 dc483132-0cff-0310-8789-dd5450dbe970
* Fix subkey memory leak in krb5_get_credentialsGreg Hudson2011-12-091-0/+2
| | | | | | | | | | | If a get_credentials operation requires multiple TGS requests, we need to free the subkey from previous requests before saving a new one. ticket: 7049 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25536 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leaks in FAST TGS supportGreg Hudson2011-12-092-4/+12
| | | | | | | | | | krb5int_fast_prep_req remove tgs from request->padata and needs to free it. get_creds.c needs to use a fresh FAST state for each TGS request to avoid leaking armor keys. ticket: 7026 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25535 dc483132-0cff-0310-8789-dd5450dbe970
* Actually allow null server key in krb5_pac_verifyGreg Hudson2011-12-081-3/+0
| | | | | | ticket: 7048 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25534 dc483132-0cff-0310-8789-dd5450dbe970
* Allow null server key to krb5_pac_verifyGreg Hudson2011-12-072-6/+8
| | | | | | | | | | When the KDC verifies a PAC, it doesn't really need to check the server signature, since it can't trust that anyway. Allow the caller to pass only a TGT key. ticket: 7048 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25532 dc483132-0cff-0310-8789-dd5450dbe970
* Add automated tests for S4U2Self and S4U2ProxyGreg Hudson2011-12-075-9/+347
| | | | | | | | | These tests mainly exercise the client-side GSSAPI code for S4U2Self and S4U2Proxy. They also exercise the KDC code for S4U2Self, but only the denial logic for S4U2Proxy since the DB2 back end doesn't support constrained delegation currently. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25531 dc483132-0cff-0310-8789-dd5450dbe970
* Allow S4U2Proxy service tickets to be cachedGreg Hudson2011-12-071-3/+1
| | | | | | | | | | Previous to this change, the GSS code avoids caching S4U2Proxy results for fear of the memory cache growing without bound, but that seems unlikely to be a serious problem. Allow these to be cached. ticket: 7047 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25530 dc483132-0cff-0310-8789-dd5450dbe970
* Allow S4U2Proxy delegated credentials to be savedGreg Hudson2011-12-078-31/+89
| | | | | | | | | | | | | | | The initial implementation of client-side S4U2Proxy support did not allow delegated proxy credentials to be stored (gss_store_cred would error out, and gss_krb5_copy_ccache would generate a non-working cache). To make this work, we save the impersonator name in a cache config variable and in a cred structure field (replacing the proxy_cred flag), and make the default principal of the proxy cache the subject principal as the caller would expect for a regular delegated cred. ticket: 7046 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25529 dc483132-0cff-0310-8789-dd5450dbe970
* SA-2011-007 KDC null pointer deref in TGS handling [CVE-2011-1530]Tom Yu2011-12-063-1/+11
| | | | | | | | | | | Fix a null pointer dereference condition that could cause a denial of service. ticket: 7042 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25525 dc483132-0cff-0310-8789-dd5450dbe970
* make dependKen Raeburn2011-12-052-5/+10
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25505 dc483132-0cff-0310-8789-dd5450dbe970
* Set a default enctype for optimistic preauthGreg Hudson2011-12-041-0/+8
| | | | | | | | | | | | | | | | | | | | | | When the client application requests optimistic preauth for a preauth type which uses the password, we don't have an etype-info2 to interpret since we haven't talked to the KDC. So we need to guess an enctype, salt, and s2k parameters. In 1.9 and prior, encrypted timestamp contained code to use the first requested enctype in this case, but encrypted challenge did not. In 1.10 prior to this change, neither mechanism uses a reasonable default. Set a default enctype in krb5_init_creds_init so that all password-based preauth mechanisms will use a reasonable default in the optimistic preauth case. The default salt and s2k parameters for this case will be the principal-based default salt and the enctype-based default parameters. ticket: 7033 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25504 dc483132-0cff-0310-8789-dd5450dbe970
* Added support for loading of Krb5.ini from Windows APPDATASam Hartman2011-12-021-8/+77
| | | | | | | | | | Signed-off-by: Alexey Melnikov <aamelnikov@gmail.com> ticket: 7038 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25500 dc483132-0cff-0310-8789-dd5450dbe970
* Use LsaDeregisterLogonProcess(), not CloseHandle()Sam Hartman2011-12-021-9/+9
| | | | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7037 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25499 dc483132-0cff-0310-8789-dd5450dbe970
* Fix free ofuninitialized memory in sname_to_princSam Hartman2011-12-021-2/+3
| | | | | | | | | | | Fix free of uninitialized memory in error case introduced in 1.10 development cycle. ticket: 7036 tags: pullup Target_Version: 1.10 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25498 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_lcc_store() now ignores config credentialsSam Hartman2011-12-021-0/+9
| | | | | | | | | | Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7035 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25497 dc483132-0cff-0310-8789-dd5450dbe970
* mk_cred: memory managementSam Hartman2011-12-021-1/+1
| | | | | | | | | | | | | | Fix for mk_cred.c: calloc() not malloc() Avoid calling free() in cleanup on uninitialized sub-ptrs if error occurs. Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> ticket: 7034 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25496 dc483132-0cff-0310-8789-dd5450dbe970
* Ldap dependency for parallel buildsSam Hartman2011-11-291-0/+3
| | | | | | | | | | The ldap plugin needs to declare a dependency on the ldap library ticket: 7030 tags: pullup target_version: 1.10 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25494 dc483132-0cff-0310-8789-dd5450dbe970
* Fix --with-system-verto without pkg-configGreg Hudson2011-11-291-1/+1
| | | | | | | | | | | | If we're using the system verto and pkg-config isn't found but libverto is, set VERTO_LIBS to just -lverto as there won't be a k5ev module. ticket: 7029 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25493 dc483132-0cff-0310-8789-dd5450dbe970
* Use INSTALL_DATA to avoid marking .mo files executableSam Hartman2011-11-291-1/+1
| | | | | | ticket: new target_version: 1.10 tags: pullup subject: Use INSTALL_DATA to install message catalogues git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25492 dc483132-0cff-0310-8789-dd5450dbe970
* AC_CHECK_LIB should put -lcrypto in PKINIT_CRYPTO_IMPL_LIBS not LIBSSam Hartman2011-11-291-1/+1
| | | | | | | | | for pkinit. A similar problem exists for crypto_impl and is not addressed by this patch. ticket: new Subject: LIBS should not include PKINIT_CRYPTO_IMPL_LIBS tags: pullup target_version: 1.10 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25491 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust krb5int_decode_tgs_rep, closing a leakGreg Hudson2011-11-231-19/+20
| | | | | | | | Use current practices for parameter naming and resource cleanup. Avoid a leak of local_dec_rep (now named dec_rep) if we take a "goto cleanup" path. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25490 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace, style changes to past two commitsGreg Hudson2011-11-235-76/+84
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25489 dc483132-0cff-0310-8789-dd5450dbe970
* FAST TGSSam Hartman2011-11-237-18/+129
| | | | | | | | | | Implement RFC 6113 FAST TGS support. Includes library support for a varient of explicit TGS armor that has not yet been proposed within the IETF. ticket: 7026 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25488 dc483132-0cff-0310-8789-dd5450dbe970
* FAST: error handling and const keyblockSam Hartman2011-11-232-23/+34
| | | | | | | | | | | | krb5int_fast_process_error: Allow out_padata and retry to be null for TGS case. Refactor function to do more frees in the exit handling and to declare variables at the top. krb5int_fast_reply_key: input keyblock arguments should be const ticket: 7025 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25487 dc483132-0cff-0310-8789-dd5450dbe970
* ticket: newSam Hartman2011-11-236-59/+49
| | | | | | | | | | | | | | | | | subject: FAST PKINIT target_version: 1.10 tags: pullup Per RFC 6113 fast should use the inner request body for the pkinit checksum. We did that on the KDC; now do so on the client. Remove code that explicitly blocked pkinit under FAST. Also, use the reply key *before* the strengthen key is applied when verifying the PADATA_PKINIT_KX. Add FAST pkinit test. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25486 dc483132-0cff-0310-8789-dd5450dbe970
* Use POSIX constants instead of S_IREAD/S_IWRITEGreg Hudson2011-11-221-2/+2
| | | | | | | | S_IREAD and S_IWRITE are ancient names for S_IRUSR and S_IWUSR, and are not defined on some modern platforms (such as Android). Use the POSIX names instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25485 dc483132-0cff-0310-8789-dd5450dbe970
* Fix compile error in previous changeGreg Hudson2011-11-221-1/+0
| | | | | | | | | A last-minute code editing mistake crept into the previous commit; fix it. ticket: 7023 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25484 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up client-side preauth error data handlingGreg Hudson2011-11-217-116/+97
| | | | | | | | | | | | | | | | | | | | | | | | Change the clpreauth tryagain method to accept a list of pa-data, taken either from the FAST response or from decoding the e_data as either pa-data or typed-data. Also change the in_padata argument to contain just the type of the request padata rather than the whole element, since modules generally shouldn't care about the contents of their request padata (or they can remember it). In krb5int_fast_process_error, no longer re-encode FAST pa-data as typed-data for the inner error e_data, but decode traditional error e_data for all error types, and try both pa-data and typed-data encoding. In PKINIT, try all elements of the new pa-data list, since it may contain FAST elements as well as the actual PKINIT array. (Fixes an outstanding bug in FAST PKINIT.) ticket: 7023 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25483 dc483132-0cff-0310-8789-dd5450dbe970
* Recognize IAKERB mech in krb5_gss_display_statusGreg Hudson2011-11-211-1/+2
| | | | | | | | | | | | Minor status codes were not displaying properly when originated from the IAKERB mech, because of a safety check on mech_type. From Ralf Haferkamp <rhafer@suse.de>. ticket: 7020 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25482 dc483132-0cff-0310-8789-dd5450dbe970
* Fix failure interval of 0 in LDAP lockout codeGreg Hudson2011-11-202-3/+4
| | | | | | | | | | | | | | | | A failure count interval of 0 caused krb5_ldap_lockout_check_policy to pass the lockout check (but didn't cause a reset of the failure count in krb5_ldap_lockout_audit). It should be treated as forever, as in the DB2 back end. This bug is the previously unknown cause of the assertion failure fixed in CVE-2011-1528. ticket: 7021 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25480 dc483132-0cff-0310-8789-dd5450dbe970
* Improve documentation in preauth_plugin.hGreg Hudson2011-11-191-6/+15
| | | | | | | | | | Also declare the verto_context structure to ensure that it is has the proper scope when used as the return type of the event_context callback. ticket: 7019 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25479 dc483132-0cff-0310-8789-dd5450dbe970
* Fix k5test error message for missing runenv.pyGreg Hudson2011-11-151-1/+1
| | | | | | | "make fake-install" no longer exists, so tell the developer to run "make runenv.py" instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25477 dc483132-0cff-0310-8789-dd5450dbe970
* Make verto context available to kdcpreauth modulesGreg Hudson2011-11-158-13/+31
| | | | | | | | | | | | Add an event_context callback to kdcpreauth. Adjust the internal KDC and main loop interfaces to pass around the event context, and expose it to kdcpreauth modules via the rock. ticket: 7019 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25475 dc483132-0cff-0310-8789-dd5450dbe970
* Update verto to 0.2.2 releaseGreg Hudson2011-11-1511-381/+939
| | | | | | | | | | | | | Update verto sources to 0.2.2 release versions. verto_reinitialize() now has a return value; check it in kdc/main.c. Store verto-libev.c alongside verto-k5ev.c to make it easy to diff corresponding versions when updating. ticket: 7018 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25474 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify and fix kdcpreauth request_body callbackGreg Hudson2011-11-147-30/+53
| | | | | | | | | | | | | | | | | | | Alter the contract for the kdcpreauth request_body callback so that it returns an alias to the encoded body instead of a fresh copy. At the beginning of AS request processing, save a copy of the encoded request body, or the encoded inner request body for FAST requests. Previously the request_body callback would re-encode the request structure, which in some cases has been modified by the AS request code. No kdcpreauth modules currently use the request_body callback, but PKINIT will need to start using it in order to handle FAST requests correctly. ticket: 7017 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25473 dc483132-0cff-0310-8789-dd5450dbe970
* Handle TGS referrals to the same realmGreg Hudson2011-11-142-1/+11
| | | | | | | | | | | | | | | krb5 1.6 through 1.8 contained a workaround for the Active Directory behavior of returning a TGS referral to the same realm as the request. 1.9 responds to this behavior by caching the returned TGT, trying again, and detecting a referral loop. This is a partial regression of ticket #4955. Detect this case and fall back to a non-referreal request. ticket: 7016 target_version: 1.9.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25472 dc483132-0cff-0310-8789-dd5450dbe970
* Add consistency check for plugin interface namesGreg Hudson2011-11-132-2/+7
| | | | | | | Add an assertion to ensure that the interface_names table in plugin.c is updated when a new pluggable interface is added. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25471 dc483132-0cff-0310-8789-dd5450dbe970
* Add plugin interface_names entry for ccselectGreg Hudson2011-11-121-1/+2
| | | | | | | | | | | | When the ccselect pluggable interface was added, the interface_names table wasn't updated, so configuring modules for it wouldn't work. Add it now. ticket: 7015 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25470 dc483132-0cff-0310-8789-dd5450dbe970
* Avoid looping when preauth can't be generatedGreg Hudson2011-11-114-5/+16
| | | | | | | | | | | | | | | | | If we receive a PREAUTH_REQUIRED error and fail to generate any real preauthentication, error out immediately instead of continuing to generate non-preauthenticated requests until we hit the loop count. There is a lot of room to generate a more meaningful error about why we failed to generate preauth (although in many cases the answer may be too complicated to explain in an error message), but that requires more radical restructuring of the preauth framework. ticket: 6430 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25469 dc483132-0cff-0310-8789-dd5450dbe970
* Fix com_err.h dependencies in gss-kernel-libGreg Hudson2011-11-113-46/+55
| | | | | | | | | | | | | | | make check was failing in util/gss-kernel-lib due to dependencies when the build is configured with --with-system-et, because depfix.pl wasn't smart enough to substitute the dependency on com_err.h in the current directory. Make depfix.pl smarter, and adjust COM_ERR_DEPS to be com_err.h in gss-kernel-lib when building with the bundled com_err. ticket: 7014 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25468 dc483132-0cff-0310-8789-dd5450dbe970
* Remove -v from the preset valgrind flagsGreg Hudson2011-11-111-1/+1
| | | | | | | | Verbose output from valgrind is rarely needed and makes it harder to find errors and leaks in the output. When it is needed, it's easier to add it in than to take it out. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25467 dc483132-0cff-0310-8789-dd5450dbe970
* Added the note to the trace API functions that they have higher priority ↵Zhanna Tsitkov2011-11-091-2/+8
| | | | | | than the KRB5_TRACE env variable git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25466 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 05:16:52 +0000