krb5.git/src/lib/kdb, branch kinit-c MIT Kerberos patches Use new error message wrapping APIs 2014-12-07T20:11:01+00:00 Nicolas Williams nico@cryptonector.com 2014-11-12T21:49:37+00:00 ebcdf02f8ec212555b1762007fa8454615900f36 Define internal names k5_prendmsg and k5_wrapmsg and use them where we amend error messages. This slightly changes the error message when we fail to construct FAST AP-REQ armor, decrypt a FAST reply, or store credentials in a gic_opts output ccache. Adjust the test suite for the latter of those changes. [ghudson@mit.edu: define and use internal names for brevity; pull in test fix from later commit; expand commit message; fix redundant separators in LDAP messages] ticket: 8046 
Define internal names k5_prendmsg and k5_wrapmsg and use them where we
amend error messages.  This slightly changes the error message when we
fail to construct FAST AP-REQ armor, decrypt a FAST reply, or store
credentials in a gic_opts output ccache.  Adjust the test suite for
the latter of those changes.

[ghudson@mit.edu: define and use internal names for brevity; pull in
test fix from later commit; expand commit message; fix redundant
separators in LDAP messages]

ticket: 8046
Fix uninitialized variable bug in kdb_cpw.c 2014-09-05T19:36:11+00:00 Greg Hudson ghudson@mit.edu 2014-09-05T19:36:11+00:00 9a6dc30d9105f0a3c2a209a2154660a0474b3499 Now that add_key_rnd isn't looking up the TGT principal entry, it could use retval before initializing it if the loop runs for zero iterations. Get rid of the add_key_rnd label (as it no longer does anything) and just return 0 after the loop ends. 
Now that add_key_rnd isn't looking up the TGT principal entry, it
could use retval before initializing it if the loop runs for zero
iterations.  Get rid of the add_key_rnd label (as it no longer does
anything) and just return 0 after the loop ends.
Simplify kdb_cpw.c 2014-09-05T18:48:12+00:00 Greg Hudson ghudson@mit.edu 2014-08-25T23:14:50+00:00 759a8e1001ac21161d26eb1dc80c6601fb379964 In add_key_rnd, stop looking up the krbtgt DB entry; we have not used it since 1.1. Use copy_key_data in add_key_rnd and add_key_pwd. krb5_dbe_crk, krb5_dbe_ark, krb5_dbe_def_cpw, and krb5_dbe_apw all contained similar logic. Consolidate all of them into a static helper function which does the work of all four. The ark/apw variants had slightly different behavior then crk/cpw with keepold=true, so introduce a three-value enum to express all three behaviors. 
In add_key_rnd, stop looking up the krbtgt DB entry; we have not used
it since 1.1.

Use copy_key_data in add_key_rnd and add_key_pwd.

krb5_dbe_crk, krb5_dbe_ark, krb5_dbe_def_cpw, and krb5_dbe_apw all
contained similar logic.  Consolidate all of them into a static helper
function which does the work of all four.  The ark/apw variants had
slightly different behavior then crk/cpw with keepold=true, so
introduce a three-value enum to express all three behaviors.
Re-encrypt preserved key data in new master key 2014-09-05T18:36:55+00:00 Greg Hudson ghudson@mit.edu 2014-08-25T16:48:14+00:00 32c9b8f1aa1b348388ed227394cc609e68ed833b When we are preserving old key data in kdb_cpw.c, ensure that it is encrypted with the same master key as the new key data. This ensures that the KRB5_TL_MKVNO tl-data on the principal entry applies to all of the key data, not just some of it. ticket: 7995 target_version: 1.13 tags: pullup 
When we are preserving old key data in kdb_cpw.c, ensure that it is
encrypted with the same master key as the new key data.  This ensures
that the KRB5_TL_MKVNO tl-data on the principal entry applies to all
of the key data, not just some of it.

ticket: 7995
target_version: 1.13
tags: pullup
Ignore iprop deletion of deleted princ 2014-08-02T18:20:35+00:00 Tom Yu tlyu@mit.edu 2014-08-02T18:20:35+00:00 8f752f88bf1b1284d8e2b8119031625f2b703ab7 Now that an iprop full dump might not hold a lock around the entire dump, it's possible that iprop will queue an incremental update while the dump is in progress. If a principal is deleted while the dump is in progress, the dump could omit that principal, yet the deletion event would still be queued in the ulog. Ignore that deletion without generating an error. This is the same basic change as for ticket #7753. ticket: 7977 
Now that an iprop full dump might not hold a lock around the entire
dump, it's possible that iprop will queue an incremental update while
the dump is in progress.  If a principal is deleted while the dump is
in progress, the dump could omit that principal, yet the deletion
event would still be queued in the ulog.  Ignore that deletion without
generating an error.

This is the same basic change as for ticket #7753.

ticket: 7977
Add flag word to KDB iteration APIs 2014-08-02T18:20:33+00:00 Tom Yu tlyu@mit.edu 2014-08-02T18:20:33+00:00 ab009b8568d9b64b7e992ecdb98114e895b4a7ff ticket: 7977 (new) subject: Enable unlocked KDB iteration 
ticket: 7977 (new)
subject: Enable unlocked KDB iteration
Modify k5buf interfaces for easier use 2014-07-30T16:11:38+00:00 Greg Hudson ghudson@mit.edu 2014-07-02T16:03:54+00:00 651f3af251d172361a954f55f2d87561ae42c2d0 Make struct k5buf less opaque and get rid of k5buf-int.h. Make it easy to initialize a k5buf in an error state so that it can be freed in a cleanup handler. Add a function k5_buf_status which returns 0 or ENOMEM. Remove k5_buf_data and k5_buf_len. Rename k5_free_buf to k5_buf_free. Adjust all callers to match. 
Make struct k5buf less opaque and get rid of k5buf-int.h.  Make it
easy to initialize a k5buf in an error state so that it can be freed
in a cleanup handler.  Add a function k5_buf_status which returns 0 or
ENOMEM.  Remove k5_buf_data and k5_buf_len.  Rename k5_free_buf to
k5_buf_free.  Adjust all callers to match.
Include autoconf.h before system headers 2014-07-08T23:19:24+00:00 Greg Hudson ghudson@mit.edu 2014-07-05T15:50:58+00:00 02a1123cf44381690c28f18ab2c4ba8036200539 Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961 
Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace.  Where include order was changed, eliminate some
redundant or unnecessary includes.

ticket: 7961
Use k5_setmsg 2014-06-05T15:22:50+00:00 Greg Hudson ghudson@mit.edu 2014-05-24T16:15:32+00:00 a7b5808b5df9e54ef8a8a7ac24e5faad458ddbce Replace most calls to krb5_set_error_message with k5_setmsg for brevity. Leave alone plugin sources where we don't include k5-int.h (mostly PKINIT). 
Replace most calls to krb5_set_error_message with k5_setmsg for
brevity.  Leave alone plugin sources where we don't include k5-int.h
(mostly PKINIT).
Maintain complete ulog on iprop slaves 2014-02-21T01:45:51+00:00 Greg Hudson ghudson@mit.edu 2014-01-25T19:40:41+00:00 406c83c835a8ce062d798a2ec4eda2eddd088450 Factor out most of ulog_add_update into a helper function named store_update, and make ulog_add_update just responsible for assigning a serial number and timestamp to the update before storing it. In ulog_replay, use store_update and ulog_finish_update to add each update to the ulog in addition to replaying it to the database. Don't use incr_ret->lastentry to set kdb_last_sno/kdb_last_time, since it will have been set properly by adding the individual updates; instead, just reinitialize the ulog on error. Slave ulogs use serial numbers provided from upstream, and thus do not always begin at serial number 1 after a header reset. As a result, we must: (A) in store_update, detect the first update (for which we must assign kdb_first_sno/kdb_first_time) by comparing kdb_num to 0, instead of by comparing the serial number to 1; (B) in store_update, detect that we are overwriting the first update by comparing kdb_num to ulogentries, instead of comparing the serial number to ulogentries; and (C) in ulog_map, detect that ulogentries changed by verifying the first and last serial number and timestamp against the actual ulog entries, rather than simply comparing kdb_last_sno to kdb_num. Based on code submitted by Richard Basch. ticket: 7855 
Factor out most of ulog_add_update into a helper function named
store_update, and make ulog_add_update just responsible for assigning
a serial number and timestamp to the update before storing it.  In
ulog_replay, use store_update and ulog_finish_update to add each
update to the ulog in addition to replaying it to the database.  Don't
use incr_ret->lastentry to set kdb_last_sno/kdb_last_time, since it
will have been set properly by adding the individual updates; instead,
just reinitialize the ulog on error.

Slave ulogs use serial numbers provided from upstream, and thus do not
always begin at serial number 1 after a header reset.  As a result, we
must: (A) in store_update, detect the first update (for which we must
assign kdb_first_sno/kdb_first_time) by comparing kdb_num to 0,
instead of by comparing the serial number to 1; (B) in store_update,
detect that we are overwriting the first update by comparing kdb_num
to ulogentries, instead of comparing the serial number to ulogentries;
and (C) in ulog_map, detect that ulogentries changed by verifying the
first and last serial number and timestamp against the actual ulog
entries, rather than simply comparing kdb_last_sno to kdb_num.

Based on code submitted by Richard Basch.

ticket: 7855