summaryrefslogtreecommitdiffstats
path: root/src/kdc
Commit message (Collapse)AuthorAgeFilesLines
...
* Rename krb5_dbekd_encrypt_key_data and krb5_dbekd_decrypt_key_data toGreg Hudson2010-07-024-23/+20
| | | | | | | | | just use the krb5_dbe prefix. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24164 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the set_master_key and get_master_key DAL interfaces and theirGreg Hudson2010-07-021-5/+0
| | | | | | | | | | | | corresponding libkdb5 APIs, as they were not productively used. In kdb5_ldap_util, stop using the realm data's mkey field as a container to communicate the master key to static helper functions, since the field no longer exists. ticket: 6749 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24162 dc483132-0cff-0310-8789-dd5450dbe970
* make dependGreg Hudson2010-06-071-62/+66
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24119 dc483132-0cff-0310-8789-dd5450dbe970
* Don't include nul characters in the text we send with krb-errorGreg Hudson2010-05-242-2/+2
| | | | | | responses from the KDC. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24097 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the unused realm_dbname field from krb5_realm_paramsGreg Hudson2010-05-042-3/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23968 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in process_tgs_req in r23724Tom Yu2010-04-301-1/+3
| | | | | | | | | | | Fix a KDC memory leak that was introduced by r23724 that could leak the decoded request. ticket: 6711 tags: pullup target_version: 1.8.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23959 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate a non-useful NULL check in the KDC's dispatch() function.Greg Hudson2010-04-221-1/+1
| | | | | | | | If process_as_req or process_tgs_req return successfully, they will always fill in *response. (If they didn't, the subsequence (*response)->length check would crash anyway.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23922 dc483132-0cff-0310-8789-dd5450dbe970
* Fix CVE-2010-1230 (MITKRB5-SA-2010-004) double-free in KDC triggeredTom Yu2010-04-201-0/+2
| | | | | | | | | | | | | | by ticket renewal. Add a test case. See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490 Thanks to Joel Johnson and Brian Almeida for the reports. ticket: 6702 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23912 dc483132-0cff-0310-8789-dd5450dbe970
* Merge users/raeburn/branches/network-mergeKen Raeburn2010-03-179-1829/+177
| | | | | | | | | | Re-integrates the forked versions of network.c in kdc and kadmin/server. Server-specific initialization and SIGHUP-reset code is moved into other source files; the more generic network-servicing code is merged and moved into apputils library already used by both programs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23811 dc483132-0cff-0310-8789-dd5450dbe970
* handle NT_SRV_INST in service principal referralsTom Yu2010-03-161-0/+1
| | | | | | | | | | | Handle NT_SRV_INST in service principal cross-realm referrals, as Windows apparently uses that instead of NT_SRV_HST for at least some service principals. ticket: 6685 target_version: 1.8.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23810 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore improperly encoded signedpath AD elementsGreg Hudson2010-03-051-1/+5
| | | | | | | | | | | | | We have some reason to believe Microsoft and Heimdal are both using the authdata value 142 for different purposes, leading to failures in verify_ad_signedpath(). For better interoperability, treat such tickets as unsigned, rather than invalid. ticket: 6676 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23766 dc483132-0cff-0310-8789-dd5450dbe970
* The TGS code was not freeing authdata. This is an old leak which wasGreg Hudson2010-02-181-2/+3
| | | | | | | | | | | made more evident in 1.8 by the addition of ad-signedpath authdata appearing in most tickets issued through the TGS path. ticket: 6659 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23735 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of serviceTom Yu2010-02-163-1/+8
| | | | | | | | | | | | | Code introduced in krb5-1.7 can cause an assertion failure if a KDC-REQ is internally inconsistent, specifically if the ASN.1 tag doesn't match the msg_type field. Thanks to Emmanuel Bouillon (NATO C3 Agency) for discovering and reporting this vulnerability. ticket: 6662 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23724 dc483132-0cff-0310-8789-dd5450dbe970
* Followon fixes to r23712:Greg Hudson2010-02-105-9/+14
| | | | | | | | | | | | | | | | * A few formatting fixes. * Fix unlikely leak in kdc_handle_protected_negotiation: if add_pa_data_element with copy == FALSE fails, it's still the caller's responsibility to free pa.contents. * Fix pre-existing (since r23465) leak of reply_encpart.enc_padata in process_as_req. * Call add_pa_data_element with copy == TRUE in return_referral_enc_padata since we are passing memory owned by the database entry. ticket: 6656 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23714 dc483132-0cff-0310-8789-dd5450dbe970
* enc_padata can include empty sequenceSam Hartman2010-02-095-84/+61
| | | | | | | | | | | | | | | | | There are two issues with return_enc_padata. 1) It often will return an empty sequence of enc_padata rather than not including the field 2) FAST negotiation is double supported in the referral tgs path and not supported in the non-referral path Rewrite the return_enc_padata logic to: * Split out referral interactions with kdb into its own function * Use add_pa_data_element ticket: 6656 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23712 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cross-realm handling of AD-SIGNEDPATHGreg Hudson2010-02-053-7/+19
| | | | | | | | | | | | | | | Avoid setting AD-SIGNEDPATH when returning a cross-realm TGT. Previously we were avoiding it when answering a cross-realm client, which was wrong. Don't fail out on an invalid AD-SIGNEDPATH checksum; just don't trust the ticket for S4U2Proxy (as if AD-SIGNEDPATH weren't present). ticket: 6655 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23697 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of kdb_ext.h and allow out-of-tree KDB pluginsGreg Hudson2010-01-272-56/+48
| | | | | | | | | | | | | Move the contents of kdb_ext.h into kdb.h, since there is no meaningful "extensions" category of DB interfaces now that this stuff is in our tree. Allows out-of-tree KDB plugins to be built since we install kdb.h. ticket: 6649 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23674 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify and fix FAST check for keyed checksum typeGreg Hudson2010-01-121-15/+4
| | | | | | | | | | | | Use krb5_c_is_keyed_checksum to detect unkeyed checksums when handling FAST requests. The old check was broken for 1.8 because krb5_c_verify_checksum got pickier about invalid keyblocks. ticket: 6632 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23628 dc483132-0cff-0310-8789-dd5450dbe970
* Always treat anonymous as preauth requiredSam Hartman2010-01-071-0/+1
| | | | | | | | | | Always treat the WELLKNOWN/ANONYMOUS principal as requiring pre-authentication. The anonymous draft depends on a pre-auth exchange to invoke pkinit. ticket: 6623 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23603 dc483132-0cff-0310-8789-dd5450dbe970
* Make preauth_module_dir override, rather than supplement, theGreg Hudson2010-01-071-33/+10
| | | | | | | built-in path list, to avoid problems with running the same preauth module twice. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23602 dc483132-0cff-0310-8789-dd5450dbe970
* Add preauth_module_dir support to the KDC preauth module loaderGreg Hudson2010-01-041-3/+44
| | | | | | | (should have been part of r23531). Most or all of this logic should be moved into the plugin code or a layer above it, after the branch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23584 dc483132-0cff-0310-8789-dd5450dbe970
* Ignore some routing messages indicating changes that don't affect ourKen Raeburn2010-01-031-0/+24
| | | | | | set of local addresses. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23570 dc483132-0cff-0310-8789-dd5450dbe970
* Change db_args from being a global to only defined in the functionEzra Peisach2010-01-012-16/+16
| | | | | | | that uses it. This removes a warning of shadowed variable names. Change several functions to static when limited to main.c git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23563 dc483132-0cff-0310-8789-dd5450dbe970
* Add gcc printf attribute for kdc_err prototypeEzra Peisach2010-01-011-1/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23562 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new -P option to krb5kdc and kadmind which, if given, specifiesRuss Allbery2010-01-012-2/+40
| | | | | | | | | the path to which to write the PID file of the daemon after it finishes initializing. Ticket: 6618 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23560 dc483132-0cff-0310-8789-dd5450dbe970
* Fix spelling and hyphen errors in man pagesRuss Allbery2009-12-311-1/+1
| | | | | | | | | | | Fix spelling errors in man pages detected by Debian's Lintian program. Also escape some -'s that are intended to be literal ASCII dashes and not Unicode hyphens so that groff won't change them into true hyphens. ticket: 6616 component: krb5-doc git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23554 dc483132-0cff-0310-8789-dd5450dbe970
* No comma at end of enumerator listKen Raeburn2009-12-311-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23549 dc483132-0cff-0310-8789-dd5450dbe970
* Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a ↵Zhanna Tsitkov2009-12-302-2/+64
| | | | | | helper in kdc code git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23546 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2009-003 CVE-2009-3295 KDC null deref in referralsTom Yu2009-12-291-1/+1
| | | | | | | | | | | | | On certain error conditions, prep_reprocess_req() calls kdc_err() with a null pointer as the format string, causing a null dereference and denial of service. Legitimate protocol requests can trigger this problem. ticket: 6608 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23533 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixes for new anonymous supportGreg Hudson2009-12-282-4/+6
| | | | | | ticket: 6607 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970
* Anonymous support for KerberosSam Hartman2009-12-284-6/+32
| | | | | | | | | | | | | | | | | | | | | | This ticket implements Project/Anonymous pkinit from k5wiki. Provides support for completely anonymous principals and untested client support for realm-exposed anonymous authentication. * Introduce kinit -n * Introduce kadmin -n * krb5_get_init_creds_opt_set_out_ccache aliases the supplied ccache * No longer generate ad-initial-verified-cas in pkinit * Fix pkinit interactions with non-TGT authentication Merge remote branch 'anonymous' into trunk Conflicts: src/lib/krb5/krb/gic_opt.c ticket: 6607 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23527 dc483132-0cff-0310-8789-dd5450dbe970
* fast negotiation projecSam Hartman2009-12-146-36/+119
| | | | | | | | | | | | | | | | Merge branches/fast-negotiate into trunk. This implements http://k5wiki.kerberos.org/wiki/Projects/Fast_negotiation Additional changes: * krb5_c_make_checksum with checksum type 0 uses mandatory checksum for given key enctype Conflicts: src/lib/crypto/krb/make_checksum.c ticket: 6595 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23465 dc483132-0cff-0310-8789-dd5450dbe970
* Reformat new commentsKen Raeburn2009-12-031-14/+20
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23441 dc483132-0cff-0310-8789-dd5450dbe970
* fix slow behavior on Mac OS X with link-local addressesKen Raeburn2009-12-031-10/+48
| | | | | | | | | | | | | | | | | | | | | | | | | When using my previous patch, if a local hostname like "foobar.local" is looked up, you may get back a link-local IPv6 address. However, the KDC seems to be unable to respond from that address, resulting in a ~1s delay for each KDC exchange while waiting for the client to fail over to another address (in my case, another IPv6 address). Create a new object for holding whatever auxiliary information might be needed to properly transmit the response to the client. Currently, that only means the interface index number under IPv6. Fill it in on receipt, always; copy it back to the pktinfo structure when transmitting, ONLY if the local source address is link-local. If an error occurs while transmitting the reply, print both the remote destination address and the local source address. Use getnameinfo instead of inet_ntop. Apply the same changes to kadmind, to keep the versions of network.c more or less in sync. ticket: 6591 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23440 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leakSam Hartman2009-11-301-1/+2
| | | | | | ticket: 6585 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23384 dc483132-0cff-0310-8789-dd5450dbe970
* KDC MUST NOT accept ap-request armor in FAST TGSSam Hartman2009-11-241-0/+5
| | | | | | | | | | | | | | | Per the latest preauth framework spec, the working group has decided to forbid ap-request armor in the TGS request because of security problems with that armor type. This commit was tested against an implementation of FAST TGS client to confirm that if explicit armor is sent, the request is rejected. ticket: 6585 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23325 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-222-116/+115
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* For the moment, test for nullity of pointers returned by k5allocGreg Hudson2009-11-211-1/+1
| | | | | | instead of result codes, to make Coverity happy. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23298 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up some open-parenthesis problems, and reindentTom Yu2009-11-166-116/+115
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23246 dc483132-0cff-0310-8789-dd5450dbe970
* Constrained delegation without PAC supportGreg Hudson2009-11-142-80/+652
| | | | | | | | | | | Merge Luke's users/lhoward/s4u2proxy branch to trunk. Implements a Heimdal-compatible mechanism for allowing constrained delegation without back-end support for PACs. Back-end support exists in LDAP only (via a new krbAllowedToDelegateTo attribute), not DB2. ticket: 6580 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23160 dc483132-0cff-0310-8789-dd5450dbe970
* Typo fixZhanna Tsitkov2009-11-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23154 dc483132-0cff-0310-8789-dd5450dbe970
* Post-great-reindent check. Part IIZhanna Tsitkov2009-11-122-173/+211
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23153 dc483132-0cff-0310-8789-dd5450dbe970
* Restore the local variable typeZhanna Tsitkov2009-11-121-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23152 dc483132-0cff-0310-8789-dd5450dbe970
* Post-great-reindent check. Part IZhanna Tsitkov2009-11-126-284/+363
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23151 dc483132-0cff-0310-8789-dd5450dbe970
* Use "unsigned short" instead of "u_short" in argument to SET macro;Ken Raeburn2009-11-041-3/+8
| | | | | | | | | the Emacs cc-mode indentation code seems to get confused by the one-word case. Reindent. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23129 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent after making fixes for emacs-23Tom Yu2009-11-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23123 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-3118-5676/+5687
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* In process_tgs_req, fully initialize e_data since we may copy it inGreg Hudson2009-10-291-2/+1
| | | | | | prepare_error_tgs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23093 dc483132-0cff-0310-8789-dd5450dbe970
* remove times underflow/overflow checks, they break testsLuke Howard2009-10-291-7/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23084 dc483132-0cff-0310-8789-dd5450dbe970
* Print a "starting..." message on stderr if running in nofork mode, forTom Yu2009-10-281-0/+2
| | | | | | consistency with kadmind behavior. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23077 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 16:12:49 +0000