gss-proxy.git/proxy/src/mechglue, branch review Work on gss-proxy before it lands upstream Fix handling of context initialization 2015-03-29T21:42:08+00:00 Simo Sorce simo@redhat.com 2015-03-29T21:42:08+00:00 78f092a567dfdbdf63d295e9a9cf48aaaace380b If a previous call has decided to use only local (to the process) credentials, then we need to override all the way to the end. A previous patch also swapped the order in which credential handler and context handler are initialized, make sure also to swap the fallback checks. Set the behavior to the process default only if it wasn't forced to local. Signed-off-by: Simo Sorce <simo@redhat.com> 
If a previous call has decided to use only local (to the process)
credentials, then we need to override all the way to the end.

A previous patch also swapped the order in which credential handler
and context handler are initialized, make sure also to swap the
fallback checks.
Set the behavior to the process default only if it wasn't forced to
local.

Signed-off-by: Simo Sorce <simo@redhat.com>
Properly handle security contexts on error 2015-03-24T15:49:25+00:00 Simo Sorce simo@redhat.com 2015-02-26T20:49:59+00:00 ab69b71fcf9187269058b4e1ff7b394cc37f19da On error we need to make sure we do not return a pointer to a security context that may have been already freed. So make sure to always unconditionally return the context that we've been returned by our callees. Also reorganize the code so we do not accidently wipe the context and leak memoy on error. This fixed a double-free bug found by NFS folks @ Red Hat Fixes: https://fedorahosted.org/gss-proxy/ticket/137 Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Nathaniel McCallum <npmccallum@redhat.com> 
On error we need to make sure we do not return a pointer to a
security context that may have been already freed.
So make sure to always unconditionally return the context that we've
been returned by our callees.
Also reorganize the code so we do not accidently wipe the context
and leak memoy on error.

This fixed a double-free bug found by NFS folks @ Red Hat

Fixes: https://fedorahosted.org/gss-proxy/ticket/137

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Nathaniel McCallum <npmccallum@redhat.com>
Zero out the outputs of display_name 2015-01-22T19:54:05+00:00 Simo Sorce simo@redhat.com 2015-01-22T19:26:23+00:00 9da1bc9dec8d228b35ef8639832cddc5e477ddf8 The mechglue expects the mechanism function to zero them in all cases. Otherwise on error it will later try to free the output buffer value which can be an arbitrary pointer. This will cause a segfault or worse in glibc's free(). Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Roland Mainz <rmainz@redhat.com> 
The mechglue expects the mechanism function to zero them in all cases.
Otherwise on error it will later try to free the output buffer value
which can be an arbitrary pointer. This will cause a segfault or
worse in glibc's free().

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Roland Mainz <rmainz@redhat.com>
Fix potential segfault in gssi_inquire_context(). 2014-02-05T14:08:53+00:00 Günther Deschner gdeschner@redhat.com 2014-01-29T16:59:03+00:00 c17f20b949d2e80e596ce21ecd944db80aaa80b1 Signed-off-by: Günther Deschner <gdeschner@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
Signed-off-by: Günther Deschner <gdeschner@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Use secure_getenv in client and mechglue module 2013-11-21T12:48:25+00:00 Simo Sorce simo@redhat.com 2013-11-20T16:58:22+00:00 23f4ee4359d10f66e1938ce6b1d92d3cc77865ff proxymehc.so may be used in setuid binaries so follow best security practices and use secure_getenv() if available. Fallback to poorman emulation when secure_getenv() is not available. Resolves: https://fedorahosted.org/gss-proxy/ticket/110 Reviewed-by: Günther Deschner <gdeschner@redhat.com> 
proxymehc.so may be used in setuid binaries so follow best security
practices and use secure_getenv() if available.
Fallback to poorman emulation when secure_getenv() is not available.

Resolves: https://fedorahosted.org/gss-proxy/ticket/110

Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Fix calling gpm_inquire_cred_by_mech 2013-11-19T13:04:09+00:00 Simo Sorce simo@redhat.com 2013-11-13T23:13:44+00:00 b8901d1d20a5d0ef1a3118bfe5816e04c09e6cf5 We need to pass the real mechanism oid here, not the spcial oid. special oids are used exclusively by the interposer and gssapi machinery that calls the interposer, they must never be propagated to clients or servers. https://fedorahosted.org/gss-proxy/ticket/107 Reviewed-by: Günther Deschner <gdeschner@redhat.com> 
We need to pass the real mechanism oid here, not the spcial oid.
special oids are used exclusively by the interposer and gssapi
machinery that calls the interposer, they must never be propagated
to clients or servers.

https://fedorahosted.org/gss-proxy/ticket/107

Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Add way to return regular oid from special 2013-11-19T13:04:03+00:00 Simo Sorce simo@redhat.com 2013-11-13T23:12:44+00:00 122b35f7adf37bc81f6d53bb5f9e058b68334cbb In some cases we need to pass on the corresponding real oid, after we are given a special oid. Add helper functions to do that. https://fedorahosted.org/gss-proxy/ticket/107 Reviewed-by: Günther Deschner <gdeschner@redhat.com> 
In some cases we need to pass on the corresponding real oid, after we
are given a special oid.
Add helper functions to do that.

https://fedorahosted.org/gss-proxy/ticket/107

Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Fix LOCAL_FIRST behavior 2013-10-18T12:34:46+00:00 Simo Sorce simo@redhat.com 2013-10-15T19:45:59+00:00 aaad6e85e8a1e25da3005b1593834a8269114171 We were erroneously returning and never falling back if LOCAL_FIRST was selected. Correct also the remote first fallback flow. Resolves: https://fedorahosted.org/gss-proxy/ticket/105 Reviewed-by: Günther Deschner <gdeschner@redhat.com> 
We were erroneously returning and never falling back if LOCAL_FIRST was
selected. Correct also the remote first fallback flow.

Resolves: https://fedorahosted.org/gss-proxy/ticket/105

Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Coverity fixes. 2013-06-27T16:07:23+00:00 Simo Sorce simo@redhat.com 2013-06-25T20:07:42+00:00 f66a585e042fbb2f313c1cbde329088fac86cea6 Fix a 4 coverity issues, ranging from memory leaks, to uninitialized variables, to potential NULL derefernce. Also a TOCTOU report that is in one of the accessory test scripts. The bug itself is not reallya TOCTOU, but the check done in the script is unecessary, so I just removed it. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Günther Deschner <gdeschner@redhat.com> 
Fix a 4 coverity issues, ranging from memory leaks, to uninitialized
variables, to potential NULL derefernce.
Also a TOCTOU report that is in one of the accessory test scripts.
The bug itself is not reallya TOCTOU, but the check done in the script is
unecessary, so I just removed it.

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>
Disable gss_export_name_composite() for now. 2013-05-16T10:11:42+00:00 Günther Deschner gdeschner@redhat.com 2013-05-16T10:06:19+00:00 94d395f36e996f19d7e10a54c734f8bc0dc21da1 We first need to fix our tests and implementation. Temporary workaround for: https://fedorahosted.org/gss-proxy/ticket/81 Signed-off-by: Günther Deschner <gdeschner@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> 
We first need to fix our tests and implementation.

Temporary workaround for:
https://fedorahosted.org/gss-proxy/ticket/81

Signed-off-by: Günther Deschner <gdeschner@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>