gss-proxy.git/proxy/src, branch impersonate

Add impersonation support

2013-10-18T19:33:55+00:00

By setting the impersonate flag to true, the acquisition of credentials will
be done using constrained delegation (s4uself + s4u2proxy).

To work this needs MIT Kereberos 1.11.4 or later.
Previous versions have a bug in the import_cred function that prevents the
library from properly importing previously exported delegated credentials.

Resolves: https://fedorahosted.org/gss-proxy/ticket/95

Move uid to name resolution in its own function.

2013-10-18T14:35:26+00:00

Add option to specify allowed usage.

2013-10-18T13:46:24+00:00

Credentials can often be used both to accept and to initiate contexts.
With this option admins can allow a specific usage only.
This is to avoid allowing an unprivileged process to fool a remote
client by allowing it to impersonate a server, when we only want to
allow this service to use credentials to initiate contexts.

Reviewed-by: Günther Deschner

Allow arbitrary users to connect to a service

2013-10-18T13:46:24+00:00

The rpc.gssd daemon is changing to fork and change uid to the unprivileged
user it wants to authenticate, this means gssproxy needs to allow connection
from any euid. When this is done though, the trusted flag needs to be dropped,
if the connecting euid does not match the default trusted uid to prevent
improper impersonation.

Resolves: https://fedorahosted.org/gss-proxy/ticket/103
Reviewed-by: Günther Deschner

Fix LOCAL_FIRST behavior

2013-10-18T12:34:46+00:00

We were erroneously returning and never falling back if LOCAL_FIRST was
selected. Correct also the remote first fallback flow.

Resolves: https://fedorahosted.org/gss-proxy/ticket/105

Reviewed-by: Günther Deschner

Fix resource leak in gpm_accept_sec_context().

2013-10-15T11:48:20+00:00

Resolves Coverity CID #12027.

Signed-off-by: Günther Deschner 
Reviewed-by: Simo Sorce

Use right signedness for creds buffer.

2013-08-28T15:04:58+00:00

gp_export_creds_*() functions are using a arrays of int32_t values, however this
array holds uids and gids which are unsigned integers.

Signed-off-by: Günther Deschner

Fix selinux option check

2013-08-26T15:05:32+00:00

Found by coverity (CID 11894)

Reviewed-by: Günther Deschner

Add service match using SeLinux Context

2013-07-02T14:17:23+00:00

Using getpeercon we can know the elinux context of the process talking to
gssproxy. Use this information as an optional additional filter to match
processes to service definitions.
If a selinux_context option with a full user;role;type context is specified
into a service section, then the connecting process must also be running under
the specified selinux context in order to be allowed to connect.

Signed-off-by: Simo Sorce 
Reviewed-by: Günther Deschner

Coverity fixes.

2013-06-27T16:07:23+00:00

Fix a 4 coverity issues, ranging from memory leaks, to uninitialized
variables, to potential NULL derefernce.
Also a TOCTOU report that is in one of the accessory test scripts.
The bug itself is not reallya TOCTOU, but the check done in the script is
unecessary, so I just removed it.

Signed-off-by: Simo Sorce 
Reviewed-by: Günther Deschner