summaryrefslogtreecommitdiffstats
path: root/src/kdc
Commit message (Collapse)AuthorAgeFilesLines
...
* Use a hash table in the KDC lookaside cacheGreg Hudson2012-05-304-110/+160
| | | | | | | Add a hash table to kdc/replay.c for fast lookup of incoming packets. Continue to keep a time-ordered linked list of all entries for fast expiry of stale entries. The preprocessor constant LOOKASIDE_HASH_SIZE can be used to change the size of the hash table.
* Remove orphaned Apple PKINIT supportGreg Hudson2012-04-264-879/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25830 dc483132-0cff-0310-8789-dd5450dbe970
* Flip the default of start_kadmind in k5test.pyGreg Hudson2012-04-262-2/+2
| | | | | | | Very few Python tests need kadmind, so it makes more sense to have to turn it on than to have to turn it off. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25825 dc483132-0cff-0310-8789-dd5450dbe970
* Add clock skew testsGreg Hudson2012-04-171-1/+7
| | | | | | | Add a KDC option (-T) to run with a time offset, and use that to test kdc_timesync behavior. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25807 dc483132-0cff-0310-8789-dd5450dbe970
* Make cross-TGT key rollover work from AD to MITGreg Hudson2012-04-021-45/+140
| | | | | | | | | | | | | | | | | Active Directory always issues cross-realm tickets without a kvno, which we see as kvno 0. When we see that, try the highest kvno (as we already do) and then a few preceding kvnos so that key rollover of the AD->MIT cross TGT can work. Add new helpers kdc_rd_ap_req, which takes the place of a couple of steps from kdc_process_tgs_req, and find_server_key, which takes the place of some of the end steps of kdc_get_server_key. Code changes by Nicolas Williams. Test cases by me. ticket: 7109 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25799 dc483132-0cff-0310-8789-dd5450dbe970
* Suppress some gcc uninitialized variable warningsGreg Hudson2012-03-221-0/+1
| | | | | | | | ticket: 7107 gcc 4.6.2 reportedly finds some spurious maybe-uninitialized warnings. Suppress them. Patch from Eray Aslan with some adjustment. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25783 dc483132-0cff-0310-8789-dd5450dbe970
* Only store master mey list in DAL handleGreg Hudson2012-03-212-6/+2
| | | | | | | | | | | | | | r24314 (#6778) created a hybrid owernship model for the master key list, with one virtual copy stored in the DAL handle and one provided to the caller of krb5_db_fetch_mkey_list. Replace this with a model where only the DAL handle owns the list, and a caller can get access to an alias pointer with a new function krb5_db_mkey_list_alias(). Functions which previously accepted the master key list as an input parameter now expect to find it in the DAL handle. Patch by Will Fiveash <will.fiveash@oracle.com>. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25781 dc483132-0cff-0310-8789-dd5450dbe970
* Require IPv6 supportKen Raeburn2012-02-281-5/+0
| | | | | | | | | | | | | | The configure-time options to enable and disable IPv6 support have been deprecated for some time, but the checks for OS support were kept. This removes those checks, and unconditionally compiles in the IPv6 support. There was a configure-time test to see if the macro INET6 needed to be defined in order to enable (visibility of) OS support for IPv6, which was needed on an IRIX system we tested with. That check is retained, but the revised code is untested on IRIX. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25719 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up dispatch lookaside code slightlyGreg Hudson2012-01-261-17/+14
| | | | | | | | | | | | | Always log when we get a lookaside cache hit, eliminating a confusing conditional. This is a slight behavior change because we never used to log a lookaside cache hit when we can't deliver the response via UDP, but that was never really deliberate or important--we log all sorts of stuff about responses which might turn out to be too big. Also eliminate a signed/unsigned comparison warning in finish_dispatch. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25661 dc483132-0cff-0310-8789-dd5450dbe970
* Various lookaside cache fixesGreg Hudson2012-01-261-18/+22
| | | | | | | | | | | | | | | | | | | | | | | | | Don't touch the lookaside cache if we're responding with a lookaside cache entry. Also, leave the null entry behind if we're deliberately dropping a request (a rare case) so that we don't have to process it again. Fixes several lookaside problems in 1.10: * When dropping a request because it was already being processed, we were erroneously removing the null entry, causing us to process the request again upon a second retransmit. * When responding to a finished request with a lookaside entry, we were removing and re-adding the entry to the cache, resetting its time and performing unnecessary work. * We were not caching responses we couldn't deliver because they were too big for UDP, causing us to re-process the request when it came in again via TCP instead of simply delivering the cached response. ticket: 7082 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25660 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use stack variable address in as_req stateGreg Hudson2012-01-261-5/+5
| | | | | | | | | | | | | The KDC's process_as_req was storing the address of a stack variable (client_princ), which fails if the request is not immediately serviced. Move that variable to the state structure so its address remains valid for the lifetime of the request. ticket: 7081 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25659 dc483132-0cff-0310-8789-dd5450dbe970
* install sphinx-generated manpagesTom Yu2012-01-091-0/+2
| | | | | | | | | | | | | | | | | Install sphinx-generated manpages. Original nroff manpages remain for reference until proofreading is complete. Modify doc/rst_source/conf.py to better deal with shadow manpages -- sphinx will now build k5login.5 instead of .k5login.5, and kadmin.1 instead of both kadmin.1 and kadmin.local.8. Proofreaders should ensure that the original nroff manpages (and associated Makefile rules) are deleted once their reST format equivalents have been proofread. ticket: 7064 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25625 dc483132-0cff-0310-8789-dd5450dbe970
* Stop using krb5_typed_data structure typeGreg Hudson2011-12-211-4/+3
| | | | | | | | | | | | Use the krb5_pa_data structure type when encoding or decoding TYPED-DATA. Leave the krb5_typed_data structure definition in krb5.h with a comment saying not to use it. Remove krb5_free_typed_data (which was never declared in krb5.h). Remove some vestigial accessor stuff related to PKINIT encoding and decoding TYPED-DATA, which was unneeded since r25483. Bump the accessor structure version to 19 accordingly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25601 dc483132-0cff-0310-8789-dd5450dbe970
* SA-2011-007 KDC null pointer deref in TGS handling [CVE-2011-1530]Tom Yu2011-12-063-1/+11
| | | | | | | | | | | Fix a null pointer dereference condition that could cause a denial of service. ticket: 7042 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25525 dc483132-0cff-0310-8789-dd5450dbe970
* Make verto context available to kdcpreauth modulesGreg Hudson2011-11-154-9/+22
| | | | | | | | | | | | Add an event_context callback to kdcpreauth. Adjust the internal KDC and main loop interfaces to pass around the event context, and expose it to kdcpreauth modules via the rock. ticket: 7019 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25475 dc483132-0cff-0310-8789-dd5450dbe970
* Update verto to 0.2.2 releaseGreg Hudson2011-11-151-1/+5
| | | | | | | | | | | | | Update verto sources to 0.2.2 release versions. verto_reinitialize() now has a return value; check it in kdc/main.c. Store verto-libev.c alongside verto-k5ev.c to make it easy to diff corresponding versions when updating. ticket: 7018 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25474 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify and fix kdcpreauth request_body callbackGreg Hudson2011-11-145-10/+47
| | | | | | | | | | | | | | | | | | | Alter the contract for the kdcpreauth request_body callback so that it returns an alias to the encoded body instead of a fresh copy. At the beginning of AS request processing, save a copy of the encoded request body, or the encoded inner request body for FAST requests. Previously the request_body callback would re-encode the request structure, which in some cases has been modified by the AS request code. No kdcpreauth modules currently use the request_body callback, but PKINIT will need to start using it in order to handle FAST requests correctly. ticket: 7017 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25473 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of periods in Python test success messagesGreg Hudson2011-11-031-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
* Use zero-filled states for all async ops in KDCGreg Hudson2011-10-283-30/+10
| | | | | | | | | There have been a couple of uninitialized field bugs in the restructured KDC code, partly because compilers can't find these bugs as easily as they can find uninitialized local variable bugs. Use zero-filled state structures to make this type of bug less likely. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25422 dc483132-0cff-0310-8789-dd5450dbe970
* Initialize typed_e_data in as_req_stateGreg Hudson2011-10-281-0/+1
| | | | | | | | | | | | | | The typed_e_data field in struct as_req_state was not properly initialized, causing the KDC to sometimes respond with typed-data e_data for a preauth-required error when the client sends no padata. This bug was masked with recent clients, which send a KRB5_ENCPADATA_REQ_ENC_PA_REP padata. ticket: 6995 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25419 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5_find_authdata publicGreg Hudson2011-10-252-9/+6
| | | | | | | | | | Rename krb5int_find_authdata to krb5_find_authdata and make it public. ticket: 6992 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25414 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor salt computation into libkdb5Greg Hudson2011-10-243-157/+52
| | | | | | | Add a new API krb5_dbe_compute_salt() to determine the salt for a key data entry, and use it in the three places we currently compute salts. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25410 dc483132-0cff-0310-8789-dd5450dbe970
* Fix handling of null edata method in KDC preauthGreg Hudson2011-10-201-1/+1
| | | | | | | | | | | | Correctly include an empty padata value if a KDC preauth system has no get_edata method. This bug prevented the KDC from indicating FAST support in preauth-required errors. ticket: 6988 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25385 dc483132-0cff-0310-8789-dd5450dbe970
* Make reindentTom Yu2011-10-172-7/+6
| | | | | | | Also fix pkinit_crypto_nss.c struct initializers and add parens to a ternary operator in do_as_req.c for better indentation. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970
* Drop retransmits while processing requestsGreg Hudson2011-10-153-7/+46
| | | | | | | | Supporting asynchronous preauth modules means that the KDC can receive a retransmitted request before it finishes processing the initial request. Ignore those retransmits instead of processing them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25350 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify kdc_preauth_encts.cGreg Hudson2011-10-151-5/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25349 dc483132-0cff-0310-8789-dd5450dbe970
* Make kdcpreauth edata method respond via callbackGreg Hudson2011-10-153-96/+168
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25348 dc483132-0cff-0310-8789-dd5450dbe970
* Make get_preauth_hint_list respond via callbackGreg Hudson2011-10-153-29/+48
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25347 dc483132-0cff-0310-8789-dd5450dbe970
* Remove enc-timestamp code from kdc_preauth.cGreg Hudson2011-10-151-124/+0
| | | | | | This code should have been removed in r25319 but was not. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25346 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2011-10-141-0/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344 dc483132-0cff-0310-8789-dd5450dbe970
* Minor cleanups to encrypted challengeGreg Hudson2011-10-071-22/+24
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25320 dc483132-0cff-0310-8789-dd5450dbe970
* Use built-in modules for encrypted timestampGreg Hudson2011-10-074-0/+156
| | | | | | | | Break out the encrypted timestamp code from kdc_preauth.c and preauth2.c into built-in modules, allowing admins to disable it and reducing the size of the framework code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25319 dc483132-0cff-0310-8789-dd5450dbe970
* Add get_string, free_string kdcpreauth callbacksGreg Hudson2011-10-061-0/+15
| | | | | | | | String attributes should be useful to preauth modules without having to link against libkdb5. Add a callback to make client string attributes accessible to modules. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25318 dc483132-0cff-0310-8789-dd5450dbe970
* Ditch fast_factor.h since it contains only stubsGreg Hudson2011-10-062-12/+10
| | | | | | | | Leave a comment behind where we called fast_set_kdc_verified(). Remove the call to fast_kdc_replace_reply_key() since it's wrong (encrypted challenge doesn't replace the reply key in that sense). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25317 dc483132-0cff-0310-8789-dd5450dbe970
* Use type-safe callbacks in preauth interfaceGreg Hudson2011-10-062-192/+98
| | | | | | | | | | | | | | | Replace the generic get_data functions in clpreauth and kdcpreauth with structures containing callback functions. Each structure has a minor version number to allow adding new callbacks. For simplicity, the new fast armor key callbacks return aliases, which is how we would supply the armor key as a function parameter. The new client keys callback is paired with a free_keys callback to reduce the amount of cleanup code needed in modules. ticket: 6971 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25315 dc483132-0cff-0310-8789-dd5450dbe970
* Use an opaque handle in the kdcpreauth callbackGreg Hudson2011-10-055-153/+138
| | | | | | | | | | | | | | Instead of passing a request and entry to the kdcpreauth get_data callback, pass an opaque handle. Remove DB entry and key data parameters from kdcpreauth methods (but keep the request, since that's transparent). The SecurID plugin links against libkdb5 and needs access to the client DB entry. Rather than continue to pass a DB entry to kdcpreauth methods, add a get_data callback to get the client DB entry for the few plugins which might need it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25300 dc483132-0cff-0310-8789-dd5450dbe970
* Fix initialization and pointer bugs in new codeGreg Hudson2011-10-041-1/+2
| | | | | | | Coverity found some minor-to-medium bugs in some recent changes; fix them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25299 dc483132-0cff-0310-8789-dd5450dbe970
* Create e_data as pa_data in KDC interfacesGreg Hudson2011-10-046-139/+95
| | | | | | | | | | | | All current known uses of e_data are encoded as pa-data or typed-data. FAST requires that e_data be expressed as pa-data. Change the DAL and kdcpreauth interfaces so that e_data is returned as a sequence of pa-data elements. Add a preauth module flag to indicate that the sequence should be encoded as typed-data in non-FAST errors. ticket: 6969 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25298 dc483132-0cff-0310-8789-dd5450dbe970
* Make kdcpreauth verify respond via callbackGreg Hudson2011-10-032-147/+232
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25294 dc483132-0cff-0310-8789-dd5450dbe970
* Make check_padata() respond via a callbackGreg Hudson2011-10-033-421/+514
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25293 dc483132-0cff-0310-8789-dd5450dbe970
* Make do_as_req() respond via a callbackGreg Hudson2011-10-033-42/+80
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25292 dc483132-0cff-0310-8789-dd5450dbe970
* Make dispatch() respond via a callbackGreg Hudson2011-10-032-17/+19
| | | | | | From npmccallum@redhat.com with changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25291 dc483132-0cff-0310-8789-dd5450dbe970
* Man page spelling corrections from ville.skytta@iki.fiGreg Hudson2011-10-021-1/+1
| | | | | | ticket: 6968 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25290 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesEzra Peisach2011-09-261-0/+13
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25235 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use accessor in encrypted challengeGreg Hudson2011-09-241-15/+9
| | | | | | | Now that the encrypted challenge code is linked into libkrb5 and the KDC, it's unnecessary to use the accessor there. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25229 dc483132-0cff-0310-8789-dd5450dbe970
* Recast encrypted challenge as linked built-insGreg Hudson2011-09-234-3/+255
| | | | | | | | Since it has no external dependencies, split up encrypted preauth into clpreauth and kdcpreauth chunks and link them directly into the consumers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25227 dc483132-0cff-0310-8789-dd5450dbe970
* If the client offers the alg agility KDF, use itSam Hartman2011-09-211-0/+2
| | | | | | | | Signed-off-by: Margaret Wasserman <mrw@painless-security.com> pkinit: changes to call alg-agility KDF git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25218 dc483132-0cff-0310-8789-dd5450dbe970
* Fix terminate_workers() in the KDCGreg Hudson2011-09-141-3/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25179 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify terminate_workers() in the KDCGreg Hudson2011-09-141-8/+9
| | | | | | | Fixes a bug where we wait for one too many workers to terminate after one of them crashes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25178 dc483132-0cff-0310-8789-dd5450dbe970
* Set up monitor signal handlers before forkingGreg Hudson2011-09-141-17/+20
| | | | | | | | | This avoids a race condition where a child reports "starting..." and begins to service requests before the monitor is ready to handle termination signals. Really only an issue for the test suite. From npmccallum@redhat.com. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25177 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 08:37:15 +0000