| Commit message | Author | Age | Files | Lines |

The caller of kg_unseal_v1 passes a gss_qop_t * for the qop_state
parameter, so make it use that type instead of an int *. Noted by
David Benjamin <davidben@mit.edu>.

Add a template-based array constructor for convenient marshalling of
structured values as JSON array values. Use it to simplify
export_cred.c.

Return error codes (0, ENOMEM, or EINVAL) from JSON support functions
instead of returning results directly. This makes error handling
simpler for functions which assemble JSON objects and then return a
krb5_error_code value. Adjust all callers. Use shims in
export_cred.c to minimize changes there; it will be redesigned
internally in a subsequent commit.

Add k5-int.h static functions to duplicate byte ranges, optionally
with a trailing zero byte, and set an error code like k5alloc does.
Use them where they would shorten existing code.

Mostly this gets rid of the trailing space on line 2 after
bb76891f5386526bdf91bc790c614fc9296cb5fa.

KRB5_CONF_ prefix should be used for the krb5/kdc.conf parameters.
Use KRB5_CC_CONF_ prefix for cache configuration variables.

Since there is no overlap between the clpreauth and kdcpreauth
interface declarations, there's no particular reason to combine them
into one header. For backward compatibility and convenience, leave
behind a preauth_plugin.h which includes both.

RFC 6680 requires that gss_export_name_composite begin the output
token with 04 02. So we must produce a composite token even if the
name has no authdata, and be able to consume a composite token with no
authdata attributes.
[ghudson@mit.edu: expanded commit message]
ticket: 7400 (new)

It might have been safe to access the krb5 verifier cred without a
lock before constrained delegation, but it is less likely to be safe
now that we might access both the initiator and acceptor parts of the
cred. Hold a lock on the cred for the full accept_sec_context
operation.
ticket: 7366 (new)

If the verifier cred handle is of type GSS_C_BOTH, we need to resolve
the initiator part of it in order to create a s4u2proxy delegated
credential handle. (If it's of type GSS_C_ACCEPT, kg_resolve_cred
won't do anything beyond locking and validating the credential.)
ticket: 7356

Revision fcdd2de1 added the K5_KEY_GSS_KRB5_ERROR_MESSAGE key, and
registered it in the gssapi library initialization routine, but
did not unregister it in the library finalization routine.
When the library is unloaded and reloaded in the same process,
this leads to an assertion failure, since we check that
destructors_set[keynum] is zero (no destructor set) when registering
a key in util/support/threads.c.
Unregister the key on library cleanup to resolve the error.
ticket: 7353
target_version: 1.10.4
tags: pullup

Using the new internal JSON support to implement serialization and
unserialization of krb5 GSS credentials.
ticket: 7354

ticket: 7347 (new)

krb5_gss_export_name uses malloc to construct a gss_buffer_desc value,
and should use gssalloc_malloc instead.
ticket: 7233

Fix some GSSAPI buffer allocations which were missed in
800358b1790ef82710af0b6021c6ff2dca2b0de7: gss_export_sec_context,
gss_display_name, and IAKERB and SPNEGO token construction.
ticket: 7233 (new)
tags: pullup

Because the gssalloc macros are normally equivalent to malloc and free
on Unix, we cannot use the full test suite to find cases where we
allocate with malloc and free with gssalloc_free or vice versa.
Provide a way to test for this kind of bug (if only in a special build
configuration) by supporting a DEBUG_GSSALLOC symbol, which causes the
gssalloc wrappers to be deliberately incompatible with malloc and
free.

This function did not serve any useful purpose. Remove it and the
special case it creates; move the only function it contained to the
main gss_mechanism structure where it belongs. Note that the function
name is preserved so that loadable modules are not affected by this
change.

For MSVC compatibility
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7208 (new)
tags: pullup

Support acquiring GSSAPI krb5 credentials by fetching initial
credentials using the client keytab. Credentials obtained this way
will be stored in the default ccache or collection, and will be
refreshed when they are halfway to expiring.
ticket: 7189 (new)

In the regular krb5 code path, only get a default krb5 cred for the
initial token, since we don't need the cred for mutual_auth anyway.
In the IAKERB mechanism, cache the default cred in iakerb_ctx_id_rec
so we don't have to construct it again for each token. Also, get an
IAKERB default cred, not a regular krb5 cred (a bug which is harmless
now, but becomes more of a problem with keytab initiation changes).

The tgt_expire field is used to store non-TGT expiry times in a couple
of cases: when the ccache has no TGT, and after we've obtained a cred
for the target service. Rename it to just "expire" to be less
misleading.

Avoid rereading the ccache in order to find the impersonator config
entry. Instead, check each entry as we scan through the first time.

The password is always zero-terminated, so we can store it as a char *
instead of a krb5_data.

struct acquire_cred_args was used purely to pass arguments to
acquire_cred (a static function), and had no advantages for that
purpose over positional arguments.

If a caller tries to acquire krb5 initiator creds with no desired name
and we have no credentials in the cache collection, fail from
gss_acquire_cred instead of deferring until gss_init_sec_context.
ticket: 7160

The big_endian flag in krb5_gss_ctx_id_rec is there for
interoperability with a really ancient implementation which we believe
is no longer in use. Get rid of it and the code to handle it.
ticket: 7166 (new)

If a caller tries to acquire krb5 acceptor creds with no desired name
and we have no keytab keys, fail from gss_acquire_cred instead of
deferring until gss_accept_sec_context.
ticket: 7159 (new)

A backwards conditional in r25358 caused krb5_gss_get_name_attribute
not to set display_value on success. Fix the sense of the
conditional.
We still don't quite correctly handle the cases where data_to_gss()
fails, but those should be rare and the problem in those cases isn't
severe, so it can be fixed separately.
Also, value and display_value should probably be initialized to null
buffers on failure, as is common with GSS interfaces.
ticket: 7087
status: open
target_version: 1.10.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25674 dc483132-0cff-0310-8789-dd5450dbe970

krb5_gss_inquire_cred_by_mech checks its mech argument against two of
the four mechs a krb5 cred might have (the krb5 mech and the old krb5
mech, but not the wrong Microsoft mech or the IAKERB mech), so would
spuriously fail for the other two mechs. There is no reason to check
the mechanism if we assume a reasonable mechglue is interpreting
application gss_inquire_cred_by_mech calls, so just remove the check.
ticket: 7084
target_version: 1.10.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25666 dc483132-0cff-0310-8789-dd5450dbe970

Previous to this change, the GSS code avoids caching S4U2Proxy results
for fear of the memory cache growing without bound, but that seems
unlikely to be a serious problem. Allow these to be cached.
ticket: 7047
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25530 dc483132-0cff-0310-8789-dd5450dbe970

The initial implementation of client-side S4U2Proxy support did not
allow delegated proxy credentials to be stored (gss_store_cred would
error out, and gss_krb5_copy_ccache would generate a non-working
cache). To make this work, we save the impersonator name in a cache
config variable and in a cred structure field (replacing the
proxy_cred flag), and make the default principal of the proxy cache
the subject principal as the caller would expect for a regular
delegated cred.
ticket: 7046
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25529 dc483132-0cff-0310-8789-dd5450dbe970

Minor status codes were not displaying properly when originated from
the IAKERB mech, because of a safety check on mech_type. From Ralf
Haferkamp <rhafer@suse.de>.
ticket: 7020
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25482 dc483132-0cff-0310-8789-dd5450dbe970

Also fix pkinit_crypto_nss.c struct initializers and add parens to a
ternary operator in do_as_req.c for better indentation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362 dc483132-0cff-0310-8789-dd5450dbe970

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25359 dc483132-0cff-0310-8789-dd5450dbe970

renamed kg_data_list_to_buffer_set_nocopy to data_list_buffer_set
(since nocopy is no longer guaranteed).
removed extra indirection to input krb5_data list.
ensured input krb5_data list is always completely freed.
no longer returns EINVAL when output buffer set is NULL.
fixed krb5_gss_get_name_attribute to use data_to_gss.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25358 dc483132-0cff-0310-8789-dd5450dbe970

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344 dc483132-0cff-0310-8789-dd5450dbe970

compiles, but untested
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25341 dc483132-0cff-0310-8789-dd5450dbe970

gss_buffer_t may be freed in a different module from where they
are allocated so it is not safe to use strdup/malloc/calloc/free.
Similarly, gss_OID_set needs to use gssalloc functions.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25332 dc483132-0cff-0310-8789-dd5450dbe970

On Unix, these simply move the buffer pointer, but on Windows they need to
be reallocated with gssalloc_malloc and copied since the gss_buffer_t may need
to be freed in a separate module with potentially mismatched C runtime.
Also fix a mismatched parameter warning in generic_gss_copy_oid_set().
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25331 dc483132-0cff-0310-8789-dd5450dbe970

From greg.mcclement@sap.com.
ticket: 6972
target_version: 1.9.2
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25323 dc483132-0cff-0310-8789-dd5450dbe970

Use correct key to determine enctype for KG2 tokens in
kg_unseal_stream_iov
Tested with AES for a new enctype and 3DES for an old enctype.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 6970
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25309 dc483132-0cff-0310-8789-dd5450dbe970

Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25269 dc483132-0cff-0310-8789-dd5450dbe970

* Write gss_pname_to_uid in terms of gss_localname; suppress on win32
* Add test for gss_pname_to_uid indirectly testing gss_localname
* gss_localname is the SPI, not gss_pname_to_uid
* fix some const gss_OID->gss_const_oid
Signed-off-by: Sam Hartman <hartmans@painless-security.com>
gss_localname: map gss name to localname
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25222 dc483132-0cff-0310-8789-dd5450dbe970