summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Flatten lib/crypto/krb, as its seven subdirectories only contained aGreg Hudson2011-03-0542-587/+128
| | | | | | few source file each (often only 1-2). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24679 dc483132-0cff-0310-8789-dd5450dbe970
* Fix SHA-256 on big-endian platformsGreg Hudson2011-03-031-0/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24678 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate almost all lib/crypto/krb headers into a singleGreg Hudson2011-03-02212-3960/+1884
| | | | | | | | | | | | | crypto_int.h. In that header, define and document responsibilities for crypto modules, some of which are satisfied through a module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove many of the headers and sources providing functionality which isn't needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and SHA-1 hashing, as well as DES weak key testing). Change most Makefile.ins to only include headers from lib/crypto/krb and lib/crypto/$(CRYPTO_IMPL), instead of from many different directories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24677 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some declarations from kdc_preauth.c which are no longer neededGreg Hudson2011-03-021-9/+0
| | | | | | after r24403. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24676 dc483132-0cff-0310-8789-dd5450dbe970
* In export-check.pl, display a better error if there are duplicateGreg Hudson2011-03-021-0/+4
| | | | | | symbols in the export list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24675 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify lib/crypto/krb/arcfour in the wake of r23444. Move theGreg Hudson2011-02-2811-393/+305
| | | | | | | contents of arcfour_aead.c into arcfour.c, turn the key derivation helper functions into static functions, and eliminate arcfour-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24673 dc483132-0cff-0310-8789-dd5450dbe970
* Use the hash provider interface in krb5int_arcfour_string_to_key soGreg Hudson2011-02-282-34/+13
| | | | | | | that we don't need a direct interface to MD4 in the crypto modules. Also clean up the code a bit. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24672 dc483132-0cff-0310-8789-dd5450dbe970
* Reference random-to-key handlers through the enctype instead of theGreg Hudson2011-02-2761-704/+486
| | | | | | | | | | | | enc_provider, for consistency with string-to-key and the place of implementation (other enc_provider functions are implemented in the back end, but random-to-key handlers are in krb). Use a single handler for non-DES/DES3 enctypes since it's always just directly copying the bits. Collapse the three implementations (des, des3, and direct) into random_to_key.c, as they're very short, and eliminate the lib/crypto/krb/rand2key directory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24669 dc483132-0cff-0310-8789-dd5450dbe970
* Remove nonexistent aes_ctr from object and source file lists inGreg Hudson2011-02-271-3/+0
| | | | | | lib/crypto/openssl/enc_provider/Makefile.in. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24668 dc483132-0cff-0310-8789-dd5450dbe970
* Make sure ulog_map() is invoked whenever we open the database inGreg Hudson2011-02-272-8/+11
| | | | | | | | | | | kdb5_util. Fixes all of the master key rollover commands in the presence of iprop. Reported by kacarstensen@csupomona.edu. ticket: 6875 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24667 dc483132-0cff-0310-8789-dd5450dbe970
* Namespace-protect SHA-256 symbols. Build SHA-256 code independently ofGreg Hudson2011-02-258-92/+68
| | | | | | whether Fortuna was selected. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24666 dc483132-0cff-0310-8789-dd5450dbe970
* Add Fortuna test program to file list for dependency generationGreg Hudson2011-02-252-9/+23
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24665 dc483132-0cff-0310-8789-dd5450dbe970
* Add a non-default PRNG module which just retrieves entropy fromGreg Hudson2011-02-251-0/+94
| | | | | | /dev/urandom without any cryptographic post-processing. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24664 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unnecessary includes from prng_fortuna.cGreg Hudson2011-02-251-2/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24663 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-2555-1754/+1595
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* Now that all PRNG modules fit nicely into a single source file,Greg Hudson2011-02-2519-326/+150
| | | | | | | | | simplify the PRNG abstraction, flattening the implementations into crypto/krb and removing the indirection through function pointers. Move the guts of the NSS PRNG implementation into the nss subdir so that crypto/krb doesn't need to be built with CRYPTO_IMPL_CFLAGS. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24661 dc483132-0cff-0310-8789-dd5450dbe970
* Remove Yarrow PRNG implementationGreg Hudson2011-02-2530-2916/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24660 dc483132-0cff-0310-8789-dd5450dbe970
* A couple more Windows build system adjustments for Fortuna as defaultGreg Hudson2011-02-252-2/+8
| | | | | | PRNG. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24659 dc483132-0cff-0310-8789-dd5450dbe970
* Add a stubs file missing from r24656Greg Hudson2011-02-251-0/+68
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24658 dc483132-0cff-0310-8789-dd5450dbe970
* Make Fortuna the default PRNG for the Windows buildGreg Hudson2011-02-252-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24657 dc483132-0cff-0310-8789-dd5450dbe970
* Unbreak the OpenSSL and NSS crypto builds in the wake of r24652Greg Hudson2011-02-2411-79/+119
| | | | | | (Fortuna as default PRNG), and remove some unnecessary related files. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24656 dc483132-0cff-0310-8789-dd5450dbe970
* Fix dangling Makefile reference after r24652Greg Hudson2011-02-241-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24655 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-241-9/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24654 dc483132-0cff-0310-8789-dd5450dbe970
* Make Fortuna the default PRNG algorithmGreg Hudson2011-02-241-13/+3
| | | | | | ticket: 6874 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24653 dc483132-0cff-0310-8789-dd5450dbe970
* Fortuna as default PRNGGreg Hudson2011-02-2412-839/+497
| | | | | | | | | | | | | | Rewrite prng_fortuna.c to much more closely match the description of Fortuna in chapter 9 of Cryptography Engineering. Add a facility to get OS entropy and implement it for Unix and Windows (not yet tested on Windows) to replace prng/fortuna/entropy.c. Rewrite the test harness to always ensure stable output and perform a statistical test on the predictable internal state resulting from the stable-output tests. ticket: 6874 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24652 dc483132-0cff-0310-8789-dd5450dbe970
* Remember to free the result of getaddrinfo() in the new sendto_kdcGreg Hudson2011-02-231-0/+1
| | | | | | | | code. ticket: 6868 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24651 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak in t_expire_warnEzra Peisach2011-02-231-0/+1
| | | | | | | | | Free context. Allows one to look for new leaks introduced in other pathways. ticket: 6872 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24650 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a memory leak introduced in r23926 where k_cred was not freed onGreg Hudson2011-02-221-30/+24
| | | | | | | | | | | successful return from kg_new_connection(). Reported by Julien Chaffraix. ticket: 6800 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24646 dc483132-0cff-0310-8789-dd5450dbe970
* Don't leak the mechanism internal context when we get an error in theGreg Hudson2011-02-221-1/+6
| | | | | | | | | | mechglue's gss_accept_sec_context. From aberry@likewise.com. ticket: 6813 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24645 dc483132-0cff-0310-8789-dd5450dbe970
* Delete kinit_kdb.o in make cleanTom Yu2011-02-221-1/+1
| | | | | | | | ticket: 6871 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24644 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a conceptual bug in r24639: the intermediate key container lengthGreg Hudson2011-02-181-1/+1
| | | | | | | | | | should be the hash's output size, not its block size. (The bug did not show up in testing because it is harmless in practice; MD5 has a larger block size than output size.) ticket: 6869 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24641 dc483132-0cff-0310-8789-dd5450dbe970
* Don't reject AP-REQs based on PACsGreg Hudson2011-02-162-38/+13
| | | | | | | | | | | | | | | | | Experience has shown that it was a mistake to fail AP-REQ verification based on failure to verify the signature of PAC authdata contained in the ticket. We've had two rounds of interoperability issues with the hmac-md5 checksum code, an interoperability issue OSX generating unsigned PACs, and another problem where PACs are copied by older KDCs from a cross-realm TGT into the service ticket. If a PAC signature cannot be verified, just don't mark it as verified and continue on with the AP exchange. ticket: 6870 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24640 dc483132-0cff-0310-8789-dd5450dbe970
* hmac-md5 checksum doesn't work with DES keysGreg Hudson2011-02-161-1/+1
| | | | | | | | | | | | | | krb5int_hmacmd5_checksum calculates an intermediate key using an HMAC. The container for this key should be allocated using the HMAC output size (which is the hash blocksize), not the original key size. This bug was causing the function to fail with DES keys, which can be used with hmac-md5 in PAC signatures. ticket: 6869 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24639 dc483132-0cff-0310-8789-dd5450dbe970
* In kg_acceptor_princ, make Coverity happy by using a different test toGreg Hudson2011-02-141-1/+1
| | | | | | determine if we should set (*princ_out)->type. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24638 dc483132-0cff-0310-8789-dd5450dbe970
* In kadm5_rename_principal, fix an oversight which would cause errorsGreg Hudson2011-02-131-1/+2
| | | | | | from krb5_principal2salt_norealm to be ignored. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24637 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify trace.c (tabs crept in when the file was created)Greg Hudson2011-02-131-14/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24636 dc483132-0cff-0310-8789-dd5450dbe970
* Defer hostname lookups in krb5_sendto_kdcGreg Hudson2011-02-1313-847/+626
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restructure the locate_kdc and sendto_kdc code to defer getaddrinfo calls until we need the answer. This requires many changes: * struct addrlist is now called struct serverlist, and is declared in os-proto.h instead of k5-int.h. It contains an array of struct server_entry structures which can hold either a name or an address. (Address entries are used for locate_kdc module results.) * The connection state list is now a linked list, and holds address information directly instead of using a struct addrinfo (this simplifies memory management). Each connection entry contains a callback buffer (previously stored in a separate array) and an index into the server list. * The {addrstate} trace formatting primitive is no longer needed, and has been replaced by {connstate}. There is also a new tracing event for resolving hostnames. * locate_server, locate_kdc, free_serverlist, and sendto get their prefixes changed from krb5int_ to k5_ as their prototypes were being adjusted anyway. The family argument is gone from the locate functions as it was never productively used. k5_sendto now receives the socket types of interest. * krb5_sendto_kdc will now pass a 0 socktype to k5_locate_kdc if both socket types are wanted. There were some allowances for this in locate but this was never previously done. In order to be conservative when invoking locate modules, we always pass an explicit socktype, thus calling lookup twice (as we did before, albeit with a separate init/fini cycle) in the common case. When creating hostname entries in serverlist from profile configuration, we preserve the 0 value of socktype, and later create both TCP and UDP addresses from the getaddrinfo results when the host is resolved. * Some accessor functions previously used by libkrb4 have been removed as they impinged upon this work. ticket: 6868 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24635 dc483132-0cff-0310-8789-dd5450dbe970
* Trace logging file descriptor leakGreg Hudson2011-02-131-0/+1
| | | | | | | | | | | | | File descriptors created for trace logging were never being closed. With short-lived contexts this leak would eventually overflow the process's file table. Correct this oversight by closing the file descriptor in file_trace_cb before freeing its container. ticket: 6867 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24634 dc483132-0cff-0310-8789-dd5450dbe970
* Reposition a trace call which was dereferencing freed memory afterGreg Hudson2011-02-131-1/+2
| | | | | | | | r24616. ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24633 dc483132-0cff-0310-8789-dd5450dbe970
* KDC denial of service attacks [MITKRB5-SA-2011-002 CVE-2011-0281 ↵Tom Yu2011-02-095-18/+32
| | | | | | | | | | | | | | | CVE-2011-0282 CVE-2011-0283] [CVE-2011-0281 CVE-2011-0282] Fix some LDAP back end principal name handling that could cause the KDC to hang or crash. [CVE-2011-0283] Fix a KDC null pointer dereference introduced in krb5-1.9. ticket: 6860 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24622 dc483132-0cff-0310-8789-dd5450dbe970
* kpropd denial of service [MITKRB5-SA-2011-001 CVE-2010-4022]Tom Yu2011-02-091-4/+4
| | | | | | | | | | | When operating in standalone mode and not doing iprop, don't return from do_standalone() if the child exits with abnormal status. ticket: 6859 tags: pullup target_version: 1.9.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24621 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing KRB5_USE_INET6 ifdefs around some bits of IPv6 code whichGreg Hudson2011-02-092-0/+4
| | | | | | | | didn't have them. From aberry@likewise.com. ticket: 6857 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24620 dc483132-0cff-0310-8789-dd5450dbe970
* Assume ELF on FreeBSD if objformat doesn't existGreg Hudson2011-02-091-1/+1
| | | | | | | | | | | | | If /usr/bin/objformat doesn't exist on a FreeBSD system, it could indicate a pre-3.0 a.out version or a post-7.0 ELF version. Since FreeBSD 3.0 is now twelve years old, it's safer to assume ELF than a.out. From aberry@likewise.com. ticket: 6858 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24619 dc483132-0cff-0310-8789-dd5450dbe970
* Fix seg faulting trace log message for use of fallback realmGreg Hudson2011-02-081-1/+1
| | | | | | | | | | | The call to TRACE_TKT_CREDS_FALLBACK in get_creds.c was supplying the wrong argument, causing a crash. ticket: 6856 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24618 dc483132-0cff-0310-8789-dd5450dbe970
* Set JAVADOC_AUTOBRIEF to YES to allow Doxygen interpret the first line of a ↵Zhanna Tsitkov2011-02-082-11/+8
| | | | | | | | JavaDoc-style comment as the brief description. Also, minor argument name fix in krb5.hin git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24617 dc483132-0cff-0310-8789-dd5450dbe970
* Improve acceptor name flexibilityGreg Hudson2011-02-0719-155/+675
| | | | | | | | | | | | | | | | | | | | | | Be more flexible about the principal names we will accept for a given GSS acceptor name. Also add support for a new libdefaults profile variable ignore_acceptor_hostname, which causes the hostnames of host-based service principals to be ignored when passed by server applications as acceptor names. Note that we still always invoke krb5_sname_to_principal() when importing a gss-krb5 mechanism name, even though we won't always use the result. This is an unfortunate waste of getaddrinfo/getnameinfo queries in some situations, but the code surgery necessary to defer it appears too risky at this time. The project proposal for this change is at: http://k5wiki.kerberos.org/wiki/Projects/Acceptor_Names ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24616 dc483132-0cff-0310-8789-dd5450dbe970
* Add "make doxugen" option to generate doxygen outputZhanna Tsitkov2011-02-072-0/+1670
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24615 dc483132-0cff-0310-8789-dd5450dbe970
* Added doxygen comments (mostly from the backup location)Zhanna Tsitkov2011-02-071-119/+3866
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24614 dc483132-0cff-0310-8789-dd5450dbe970
* Change flow control in krb5_gss_import_name to better match currentGreg Hudson2011-02-041-95/+60
| | | | | | coding practices. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24613 dc483132-0cff-0310-8789-dd5450dbe970
* Remove an unnecessary statement in acquire_init_cred(). We never setGreg Hudson2011-02-031-7/+1
| | | | | | an acceptor name different from desired_princ. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24612 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-02 12:31:00 +0000