<feed xmlns='http://www.w3.org/2005/Atom'>
<title>krb5.git/src/lib/krb5/ccache, branch keyring</title>
<subtitle>MIT Kerberos patches</subtitle>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/'/>
<entry>
<title>Set expiration time on keys and keyrings</title>
<updated>2013-11-15T21:40:44+00:00</updated>
<author>
<name>Simo Sorce</name>
<email>simo@redhat.com</email>
</author>
<published>2013-11-15T21:36:05+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=64bf5e01cee2317d59084b6c134cdd11b21f7552'/>
<id>64bf5e01cee2317d59084b6c134cdd11b21f7552</id>
<content type='text'>
By setting the timeout based on the credential's timeout we let the
system automatically clean up expired credentials.

[ghudson@mit.edu: simplified code slightly]

ticket: 7769 (new)
target_version: 1.12
tags: pullup
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
By setting the timeout based on the credential's timeout we let the
system automatically clean up expired credentials.

[ghudson@mit.edu: simplified code slightly]

ticket: 7769 (new)
target_version: 1.12
tags: pullup
</pre>
</div>
</content>
</entry>
<entry>
<title>Add support to store time offsets in cc_keyring</title>
<updated>2013-11-15T19:50:04+00:00</updated>
<author>
<name>Simo Sorce</name>
<email>simo@redhat.com</email>
</author>
<published>2013-11-14T22:23:59+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=568fc6d12c231d00d3b4d75826da93b772e7c075'/>
<id>568fc6d12c231d00d3b4d75826da93b772e7c075</id>
<content type='text'>
The code follows the same model used for the memory ccache type.  Time
offsets are stored in each credential cache in a special key just like
the principal name.  Legacy session caches do not store timestamps as
legacy code would fail when iterating over the new offset key.

[ghudson@mit.edu: minor formatting changes; note legacy session
exception in commit message]

ticket: 7768 (new)
target_version: 1.12
tags: pullup
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The code follows the same model used for the memory ccache type.  Time
offsets are stored in each credential cache in a special key just like
the principal name.  Legacy session caches do not store timestamps as
legacy code would fail when iterating over the new offset key.

[ghudson@mit.edu: minor formatting changes; note legacy session
exception in commit message]

ticket: 7768 (new)
target_version: 1.12
tags: pullup
</pre>
</div>
</content>
</entry>
<entry>
<title>Catch more strtol() failures when using KEYRINGs</title>
<updated>2013-11-12T16:13:51+00:00</updated>
<author>
<name>Nalin Dahyabhai</name>
<email>nalin@dahyabhai.net</email>
</author>
<published>2013-11-11T18:10:08+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=5ac159e220297a8f62dd5edcec6f9b988b0627ea'/>
<id>5ac159e220297a8f62dd5edcec6f9b988b0627ea</id>
<content type='text'>
When parsing what should be a UID while resolving a KEYRING ccache
name, don't just depend on strtol() to set errno when the residual
that we pass to it can't be parsed as a number.  In addition to
checking errno, pass in and check the value of an "endptr".

[ghudson@mit.edu: simplified slightly]

ticket: 7764 (new)
target_version: 1.12
tags: pullup
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
When parsing what should be a UID while resolving a KEYRING ccache
name, don't just depend on strtol() to set errno when the residual
that we pass to it can't be parsed as a number.  In addition to
checking errno, pass in and check the value of an "endptr".

[ghudson@mit.edu: simplified slightly]

ticket: 7764 (new)
target_version: 1.12
tags: pullup
</pre>
</div>
</content>
</entry>
<entry>
<title>Conditionally test KEYRING ccache type</title>
<updated>2013-10-02T14:41:40+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-28T20:29:36+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=5d03cb6b235f0ee0e30b34630f95f208d6acd3d0'/>
<id>5d03cb6b235f0ee0e30b34630f95f208d6acd3d0</id>
<content type='text'>
If the keyctl command is found and klist recognizes the KEYRING
credential cache type, then run several tests against keyring ccaches:
the collection test program in lib/krb5/ccache, the command-line
collection tests in tests/t_ccache.py, and some new tests to verify
legacy session cache behavior.  Much of the Python code in t_ccache.py
is moved into a new function named "collection_test" so we can run it
once against a DIR collection and once against a KEYRING collection.

Also: fix a memory leak in the collection test program; add a test for
iteration when the default cache name is a subsidiary name; use a
process keyring ccache in t_cc.c to avoid leaving behind empty
collections in the session keyring after each test run.

Adapted from a patch by simo@redhat.com.

ticket: 7711
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If the keyctl command is found and klist recognizes the KEYRING
credential cache type, then run several tests against keyring ccaches:
the collection test program in lib/krb5/ccache, the command-line
collection tests in tests/t_ccache.py, and some new tests to verify
legacy session cache behavior.  Much of the Python code in t_ccache.py
is moved into a new function named "collection_test" so we can run it
once against a DIR collection and once against a KEYRING collection.

Also: fix a memory leak in the collection test program; add a test for
iteration when the default cache name is a subsidiary name; use a
process keyring ccache in t_cc.c to avoid leaving behind empty
collections in the session keyring after each test run.

Adapted from a patch by simo@redhat.com.

ticket: 7711
</pre>
</div>
</content>
</entry>
<entry>
<title>Support new KEYRING anchor names and big_key keys</title>
<updated>2013-10-02T14:41:34+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-28T18:12:58+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=7c69a0372db5b7ed670ef3099a97942ede7a4739'/>
<id>7c69a0372db5b7ed670ef3099a97942ede7a4739</id>
<content type='text'>
Add support for the new anchor names persistent, user, and session.
The persistent anchor attempts to use a persistent keyring for a
specified uid, and falls back to the user keyring if it cannot; the
collection is stored at a fixed name within the persistent or user
keyring.  The session anchor uses the session keyring without legacy
semantics.

For all keyring types except legacy, attempt to use the "big_key" key
type on systems which have keyctl_get_persistent.  (They are
essentially unrelated features, but were added at the same time.)
This key type is stored in a kernel tmpfs and can store larger
tickets.

Since kernel commit 96b5c8fea6c0861621051290d705ec2e971963f1, new keys
created by add_key() only have VIEW permission for the user, and the
rest of the permissions require "possession," which means there is a
path from the thread, process, or session keyring to the key.  For the
user and persistent anchor types, we link the collection into the
process keyring to ensure that we have possession rights on the
collection.

Adapted from a patch by simo@redhat.com.

ticket: 7711
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add support for the new anchor names persistent, user, and session.
The persistent anchor attempts to use a persistent keyring for a
specified uid, and falls back to the user keyring if it cannot; the
collection is stored at a fixed name within the persistent or user
keyring.  The session anchor uses the session keyring without legacy
semantics.

For all keyring types except legacy, attempt to use the "big_key" key
type on systems which have keyctl_get_persistent.  (They are
essentially unrelated features, but were added at the same time.)
This key type is stored in a kernel tmpfs and can store larger
tickets.

Since kernel commit 96b5c8fea6c0861621051290d705ec2e971963f1, new keys
created by add_key() only have VIEW permission for the user, and the
rest of the permissions require "possession," which means there is a
path from the thread, process, or session keyring to the key.  For the
user and persistent anchor types, we link the collection into the
process keyring to ensure that we have possession rights on the
collection.

Adapted from a patch by simo@redhat.com.

ticket: 7711
</pre>
</div>
</content>
</entry>
<entry>
<title>Add collection support for KEYRING ccache type</title>
<updated>2013-10-02T14:41:09+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-27T22:45:29+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=c1e8d03a6254e3ce86a71eed31e4c127e3324f9b'/>
<id>c1e8d03a6254e3ce86a71eed31e4c127e3324f9b</id>
<content type='text'>
Augment the KEYRING ccache type to support collection semantics
similar to those of the DIR type.  For keyrings with no anchor prefix,
maintain compatibility with old code by linking the initial primary
cache directly from the session keyring and naming it after the
collection.

See http://k5wiki.kerberos.org/wiki/Projects/Keyring_collection_cache
for more information.  Adapted from a patch by simo@redhat.com.

ticket: 7711 (new)
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Augment the KEYRING ccache type to support collection semantics
similar to those of the DIR type.  For keyrings with no anchor prefix,
maintain compatibility with old code by linking the initial primary
cache directly from the session keyring and naming it after the
collection.

See http://k5wiki.kerberos.org/wiki/Projects/Keyring_collection_cache
for more information.  Adapted from a patch by simo@redhat.com.

ticket: 7711 (new)
</pre>
</div>
</content>
</entry>
<entry>
<title>Clarify variable names in cc_keyring.c</title>
<updated>2013-09-28T19:25:27+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-26T16:23:23+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=253155e1db678546358b69ab953f8fdd9b7fb23a'/>
<id>253155e1db678546358b69ab953f8fdd9b7fb23a</id>
<content type='text'>
Consistently use "cache_name" and "cache_id" to talk about the name
and ID of the keyring containing the cache.  In krb5_krcc_resolve, use
"residual" for the residual string as we are no longer using it for
the cache keyring name, and use "anchor_id" for the keyring identified
by the prefix to make it clear that it is not the cache keyring.

Adapted from a patch by simo@redhat.com.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Consistently use "cache_name" and "cache_id" to talk about the name
and ID of the keyring containing the cache.  In krb5_krcc_resolve, use
"residual" for the residual string as we are no longer using it for
the cache keyring name, and use "anchor_id" for the keyring identified
by the prefix to make it clear that it is not the cache keyring.

Adapted from a patch by simo@redhat.com.
</pre>
</div>
</content>
</entry>
<entry>
<title>Defer KEYRING key creation until initialize</title>
<updated>2013-09-28T19:25:26+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-26T15:40:13+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=75b7ea9163e57ff0522f55a9cd0c2ab4b4974e38'/>
<id>75b7ea9163e57ff0522f55a9cd0c2ab4b4974e38</id>
<content type='text'>
If we resolve a KEYRING cache and the key does not exist, wait until
initialize time to create it, to avoid wasting precious kernel memory
on a cache which might not ever be created.  Properly error out if
store_cred or start_seq_get is called on an uninitialized cache, as we
would for a FILE cache.

Adapted from a patch by simo@redhat.com.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If we resolve a KEYRING cache and the key does not exist, wait until
initialize time to create it, to avoid wasting precious kernel memory
on a cache which might not ever be created.  Properly error out if
store_cred or start_seq_get is called on an uninitialized cache, as we
would for a FILE cache.

Adapted from a patch by simo@redhat.com.
</pre>
</div>
</content>
</entry>
<entry>
<title>Add ccache collection tests using API</title>
<updated>2013-09-24T19:00:18+00:00</updated>
<author>
<name>Greg Hudson</name>
<email>ghudson@mit.edu</email>
</author>
<published>2013-09-24T16:20:17+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=620275cd43e237ab273b726b2aee0ae729587772'/>
<id>620275cd43e237ab273b726b2aee0ae729587772</id>
<content type='text'>
Create a new test program in lib/krb5/ccache named t_cccol.c which
verifies collection semantics using the API.  Run it with an empty DIR
collection in t_cccol.py.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Create a new test program in lib/krb5/ccache named t_cccol.c which
verifies collection semantics using the API.  Run it with an empty DIR
collection in t_cccol.py.
</pre>
</div>
</content>
</entry>
<entry>
<title>Factor out krb5int_random_string() routine</title>
<updated>2013-09-24T17:02:57+00:00</updated>
<author>
<name>Zhanna Tsitkov</name>
<email>tsitkova@mit.edu</email>
</author>
<published>2013-09-24T14:13:26+00:00</published>
<link rel='alternate' type='text/html' href='https://fedorapeople.org/cgit/simo/public_git/krb5.git/commit/?id=ee61e4adf18c6f032b7ab2fa790fb261cfc4105c'/>
<id>ee61e4adf18c6f032b7ab2fa790fb261cfc4105c</id>
<content type='text'>
Make krb5int_random_string() function available outside ccache code.
Move it into a separate file under lib/krb5/krb hierarchy.
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Make krb5int_random_string() function available outside ccache code.
Move it into a separate file under lib/krb5/krb hierarchy.
</pre>
</div>
</content>
</entry>
</feed>
