summaryrefslogtreecommitdiffstats
path: root/src/kdc
Commit message (Collapse)AuthorAgeFilesLines
...
* whitespaceKen Raeburn2009-01-281-27/+30
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21813 dc483132-0cff-0310-8789-dd5450dbe970
* use memchrKen Raeburn2009-01-271-6/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21809 dc483132-0cff-0310-8789-dd5450dbe970
* Introduced new static function prep_reprocess_req to make code more readableZhanna Tsitkov2009-01-261-103/+116
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21801 dc483132-0cff-0310-8789-dd5450dbe970
* Check asprintf return codes. StylingZhanna Tsitkov2009-01-262-589/+617
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21795 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate the need for the domain_realm mapping table on the client side by ↵Zhanna Tsitkov2009-01-233-33/+253
| | | | | | implementing minimal referral support in the KDC git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21792 dc483132-0cff-0310-8789-dd5450dbe970
* Add some output parameter initializations n order to eliminate someGreg Hudson2009-01-231-0/+1
| | | | | | spurious Coverity defects. (Far from a comprehensive pass.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21782 dc483132-0cff-0310-8789-dd5450dbe970
* If recv_from_to is passed a buffer for the local endpoint address,Ken Raeburn2009-01-141-1/+9
| | | | | | | clobber it before doing anything else, just in case we can't retrieve the address and the caller blindly uses the buffer anyways. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21747 dc483132-0cff-0310-8789-dd5450dbe970
* Merge some very simple points of divergence in the two copies of network.c ↵Ken Raeburn2009-01-141-18/+10
| | | | | | | | -- enum ordering, whitespace, duplicate macro definitions, unused code, 0 vs NULL... git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21746 dc483132-0cff-0310-8789-dd5450dbe970
* Pass s4u name and c_flags to log_tgs_req. If values are supplied, logKen Raeburn2009-01-143-5/+23
| | | | | | | | an additional message to record the name and s4u mode. Untested for lack of code to invoke these code paths. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21745 dc483132-0cff-0310-8789-dd5450dbe970
* /tmp/3Ken Raeburn2009-01-133-91/+39
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21741 dc483132-0cff-0310-8789-dd5450dbe970
* Add a call to limit_string that appears to have been accidentally removedSam Hartman2009-01-121-0/+1
| | | | | | somewhere along the mskrb-integ branch git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21729 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Luke Howard:Sam Hartman2009-01-123-7/+30
| | | | | | | | | Previously when using the kdb keytab, there was a check to confirm that the server was supported as a server and that attackers could not force an enctype downgrade. Add these to kdc_get_server_key git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21727 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Luke HowardSam Hartman2009-01-121-5/+2
| | | | | | There's a superfluous check in kdc_util.c; ad_entry is always non NULL git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21726 dc483132-0cff-0310-8789-dd5450dbe970
* Restore behavior of returning KRB5APP_ERR_BAD_INTEGRITY fromSam Hartman2009-01-121-1/+1
| | | | | | | | preauth methods. This creates a problem for Windows clients, but not doing it creates a problem for MIT clients. Today our KDC is more likely to be used with MIT clients, but we need to examine this issues in more detail. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21725 dc483132-0cff-0310-8789-dd5450dbe970
* Add message hash support to the replay interface, using extensionGreg Hudson2009-01-121-0/+1
| | | | | | | | | | | | | | records (with an empty client string) to retain compatibility with old code. For rd_req, the ciphertext of the authenticator (with no ASN.1 wrapping) is hashed; for other uses of the replay cache, no message hash is used at this time. This commit adds a command-line tool for testing the replay cache but does not add any automated tests. ticket: 1201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21723 dc483132-0cff-0310-8789-dd5450dbe970
* Patch from Luke HowardSam Hartman2009-01-061-38/+23
| | | | | | to make an explicit call to check the ACL for s4u delegations rather than relying on tl-data. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21712 dc483132-0cff-0310-8789-dd5450dbe970
* Fix capitalizationSam Hartman2009-01-061-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21707 dc483132-0cff-0310-8789-dd5450dbe970
* No C++ style comments in C code pleaseKen Raeburn2009-01-051-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21702 dc483132-0cff-0310-8789-dd5450dbe970
* move generated dependencies out of Makefile.inKen Raeburn2009-01-052-136/+134
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Move automatically-generated dependencies into separate files in the source tree, and take the data out of Makefile.in. Keep the "make depend" rules for stripping out the dependencies from Makefile.in, in case some optional directories were missed, but everything that builds on my UNIX build has been converted. (Converting a directory just requires creating an empty "deps" file so that config.status can build the makefile, and then later running "make depend" in that directory to get the correct content for it.) Change configure scripts to incorporate the "deps" file when building each Makefile. This change requires the existence of a file "deps" in each source directory where we build a makefile, even if there are no sources for which to compute dependencies; a switch to GNU make would let us conditionalize that, but we can assess that later. Update dependencies for the generate Makefile itself to list the deps file. This will also require some minor tweaking of the Windows build, to make it incorporate the new deps file. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21701 dc483132-0cff-0310-8789-dd5450dbe970
* Remove support for setting a client flag indicating pkinit is used on the db ↵Sam Hartman2009-01-031-3/+0
| | | | | | | | | | | entry. I'm reasonably sure that this would belong in a pkinit plugin not in do_as_req.c. Also, the flag should be documented to indicate what it means--client attempted pkinit? Client succeeded in using pkinit? I also wonder whether you want a mechanism for a db plugin to figure out all the padata or fast factors that a request is using. Note that this flag will need to be added back by at least one vendor. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21694 dc483132-0cff-0310-8789-dd5450dbe970
* xrealm_non_transitive not trust_non_transitiveSam Hartman2009-01-031-2/+2
| | | | | | | | | | Kerberos does not imply trust in the existence of a cross-realm key. Trust is implied when a foreign principal is placed on an ACL: the remote realm is trusted to authenticate that principal and is trusted not to confuse one principal with another. Keep terminology consistent. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21693 dc483132-0cff-0310-8789-dd5450dbe970
* Merge mskrb-integ onto trunkSam Hartman2009-01-0312-402/+2134
| | | | | | | | | | | | | | | | | | | | | | | | The mskrb-integ branch includes support for the following projects: Projects/Aliases * Projects/PAC and principal APIs * Projects/AEAD encryption API * Projects/GSSAPI DCE * Projects/RFC 3244 In addition, it includes support for enctype negotiation, and a variety of GSS-API extensions. In the KDC it includes support for protocol transition, constrained delegation and a new authorization data interface. The old authorization data interface is also supported. This commit merges the mskrb-integ branch on to the trunk. Additional review and testing is required. Merge commit 'mskrb-integ' into trunk ticket: new status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21690 dc483132-0cff-0310-8789-dd5450dbe970
* Collect ticket-request logging calls together in one place for easierKen Raeburn2008-12-224-103/+181
| | | | | | customization. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21564 dc483132-0cff-0310-8789-dd5450dbe970
* In the KDC, remove krb4 request handling support and fakeka codeGreg Hudson2008-12-158-2803/+9
| | | | | | | ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21448 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some lingering Saber C cruftGreg Hudson2008-12-051-35/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21293 dc483132-0cff-0310-8789-dd5450dbe970
* Fix data initialization in process_as_req functionZhanna Tsitkov2008-12-051-2/+2
| | | | | | Ticket: 6282 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21291 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of sprintf to snprintf or asprintfGreg Hudson2008-12-011-1/+1
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21258 dc483132-0cff-0310-8789-dd5450dbe970
* Convert many uses of strcpy/strcat (and sometimes sprintf) to acceptedGreg Hudson2008-11-052-19/+17
| | | | | | | | | string-handling functions. ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21001 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for fakeka.cKen Raeburn2008-11-041-14/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20965 dc483132-0cff-0310-8789-dd5450dbe970
* Don't build dependencies for v4rcp.c.Ken Raeburn2008-11-041-74/+76
| | | | | | Rebuild dependencies for k5-buf.h, and without krb4 support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20964 dc483132-0cff-0310-8789-dd5450dbe970
* Apply a patch from Apple to correct a few memory leaksGreg Hudson2008-11-032-10/+4
| | | | | | ticket: 6201 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20958 dc483132-0cff-0310-8789-dd5450dbe970
* partial rewrite of the ASN.1 encodersKen Raeburn2008-10-251-8/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Instead of a pile of macros generating code, that have to be threaded together in just the right way to get a valid ASN.1 encoding, we now have a pile of macros for defining data structures describing the objects and the ASN.1 types they should be encoded as, which structures are interpreted by recursive invocations of an encoder engine; there should be somewhat less rope for accidentally creating invalid encodings. The new macros are commented in asn1_k_encode.c. Putting most of the work into the encoder engine also reduces the code size (in one configuration, including LDAP-KDB and PKINIT encoders, code size went from 37K to <16K, though 10K of tables were added, and the PKINIT encoders are still open-coded). Some encoder interfaces have been revised to be more regular -- all now take one pointer to const argument (no two-input encoders, no pointer-to-non-const-pointer-to-const). A few encoders were eliminated or disabled because they were neither used nor exported from the library. The LDAP-KDB encoder has been converted, but the PKINIT encoders have not as there are no regression tests for them currently. There is still plenty of room for improvement; some notes on specific ideas have been added. String encoding primitives have been combined to reduce code size. A primitive for encoding bit strings has been added. Some miscellaneous warnings in the decoders have been cleaned up. A new dejagnu test case is added that ensures that KRB-SAFE messages get exercised. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20923 dc483132-0cff-0310-8789-dd5450dbe970
* Use strlcpy instead of strcpy in many placesGreg Hudson2008-10-244-18/+19
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20919 dc483132-0cff-0310-8789-dd5450dbe970
* Use strdup in place of malloc/strcpy in many placesGreg Hudson2008-10-202-4/+2
| | | | | | | ticket: 6200 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20898 dc483132-0cff-0310-8789-dd5450dbe970
* makedependKen Raeburn2008-09-181-56/+70
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20731 dc483132-0cff-0310-8789-dd5450dbe970
* Fix resource leakKen Raeburn2008-08-281-0/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20701 dc483132-0cff-0310-8789-dd5450dbe970
* Update description of -k option: From the code it appears the defaultKen Raeburn2008-08-251-3/+3
| | | | | | | | is des-cbc-crc, and it applies to entering passwords with -m. ticket: 5565 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20692 dc483132-0cff-0310-8789-dd5450dbe970
* Incorporate Apple's patchKen Raeburn2008-08-255-0/+318
| | | | | | | | | | | | | | | | | | | | | | Add a test authorization data scheme, in both built-in and plugin forms; built-in version is #ifdef'ed out. Update configury to create the build directory for the plugin, but don't build or install it by default. Create the new (and normally empty) authorization data plugin directory at install time. Add some (normally disabled) code to log authz data from rd_req. Fix up some comments that still refer to preauth plugins. Add some details in comments on the API, and why it's private for now. Make the plugin init context support work, by not passing null pointers. ticket: 5565 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20691 dc483132-0cff-0310-8789-dd5450dbe970
* a stash file is not a keytabWill Fiveash2008-08-151-1/+2
| | | | | | | | | Note, this is the commit for the associated Krb Consortium project: Projects/Masterkey Keytab Stash ticket: 194 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20661 dc483132-0cff-0310-8789-dd5450dbe970
* error in socket number range check in kdcKen Raeburn2008-08-051-3/+9
| | | | | | | | | | | | Fix off-by-one error in checking that socket file descriptor numbers are in range suitable for an fd_set. Also, don't do the check if we should someday happen to get compiled on Windows. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20606 dc483132-0cff-0310-8789-dd5450dbe970
* When reading from the routing socket, only provide enough space forKen Raeburn2008-07-211-30/+22
| | | | | | | the header and ignore the rest of the message. Don't complain about message size as long as we got the bits of the header we care about. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20552 dc483132-0cff-0310-8789-dd5450dbe970
* Set non-blocking mode on incoming TCP connections.Ken Raeburn2008-07-181-3/+12
| | | | | | | Don't log EINTR error in select loop. Log when shutdown signal has been received and acted on. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20541 dc483132-0cff-0310-8789-dd5450dbe970
* On systems with struct rt_msghdr, open a routing socket and wait forKen Raeburn2008-07-181-4/+169
| | | | | | | | | | | | | | | | | | | | | | | messages; when they come in, if the types suggest a possibility of network interface reconfiguration, shut down the KDC's networking and bring it back up again, rescanning the interfaces in the process. Leaving the ticket open because it should be improved: * It should only close down sockets on addresses we no longer have, and bring up sockets only on new addresses. * If we have IPV6_PKTINFO support, it should only listen for IPv4 routing changes. * If we also have IP_PKTINFO support, it shouldn't be used at all. * If we build a KDC on a system with neither struct rt_msghdr nor IP_PKTINFO (do we have any such?), we'll need another solution. Thanks to Nico Williams for the routing socket suggestion, and Apple for the initial (signal-driven) reconfiguration code. ticket: 6019 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20540 dc483132-0cff-0310-8789-dd5450dbe970
* Rewrite krb5_db_open flag handling to avoid confusing emacs c-modeKen Raeburn2008-07-181-6/+6
| | | | | | indentation support. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20539 dc483132-0cff-0310-8789-dd5450dbe970
* Use RFC 3542's IPV6_RECVPKTINFO if available. (And IP_RECVPKTINFO too.)Ken Raeburn2008-07-141-2/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20515 dc483132-0cff-0310-8789-dd5450dbe970
* In FREE_SET_DATA, reset the current count as wellKen Raeburn2008-07-121-1/+1
| | | | | | | ticket: 6019 state: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20514 dc483132-0cff-0310-8789-dd5450dbe970
* kdc does not compile with glibc 2.8 Ezra Peisach2008-07-061-2/+2
| | | | | | | | | | | | | | | | | | | On Fedora 9, glibc 2.8 is used. The kdc code conditionalizes IPV6_PKTINFO and HAVE_STRUCT_IN6_PKTINFO in a number of places = but misses two for the struct one. /usr/include/netinet/in.h conditionalizes struct in6_pktinfo on __USE_GNU - which I believe implies a gnu libc extension. People on the net have defined GNU_SOURCE for various things to compile, etc. I do note that /usr/include/linux/ipv6.h exists with the same definition. I believe that ipv6 support in the kdc will not work with these changes - but the tree compiles. ticket: new git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20498 dc483132-0cff-0310-8789-dd5450dbe970
* use-after-free bugsKen Raeburn2008-06-271-2/+0
| | | | | | | | | | | Fix some bugs with storage being used immediately after being freed. None look like anything an attacker can really manipulate AFAICT. ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20485 dc483132-0cff-0310-8789-dd5450dbe970
* misc memory leaksKen Raeburn2008-06-272-4/+13
| | | | | | | | | | | | Fix various memory leaks that show up mostly in error cases (e.g., failure to allocate one small object, and then we forget to free another one). ticket: new target_version: 1.6.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20481 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use private copy of syslog.h. Rebuild dependenciesKen Raeburn2008-06-101-17/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@20386 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 01:02:51 +0000