path: root/src/lib/gssapi
Commit message | Author | Age | Files | Lines
* Fix import_sec_context with interposers | Simo Sorce | 2013-03-24 | 1 | -21/+14
| The code was correctly selecting the mechanism to execute, but it was improperly setting the mechanism type of the internal context when the selected mechanism was that of an interposer and vice versa. When an interposer is involved the internal context is that of the interposer, so the mechanism type of the context needs to be the interposer oid. Conversely, when an interposer re-enters gssapi and presents a token with a special oid, the mechanism called is the real mechanism, and the context returned is a real mechanism context. In this case the mechanism type of the context needs to be that of the real mechanism.
| ticket: 7592
| target_version: 1.11.2
| tags: pullup
* make depend | Greg Hudson | 2013-03-24 | 3 | -213/+205
|
* Eliminate unused variables | Greg Hudson | 2013-03-15 | 1 | -1/+0
|
* Fix argument type in kg_unseal_v1 | Greg Hudson | 2013-03-15 | 1 | -1/+1
| The caller of kg_unseal_v1 passes a gss_qop_t * for the qop_state parameter, so make it use that type instead of an int *. Noted by David Benjamin <davidben@mit.edu>.
* Add missing .gitignore entries and clean rules | Greg Hudson | 2013-02-27 | 1 | -2/+2
| ticket: 7585
* Modernize k5buf | Greg Hudson | 2013-02-14 | 3 | -16/+16
| Rename the krb5int_buf_ family of functions to use the k5_ prefix for brevity. Reformat some k5buf implementation code to match current practices.
* Add k5_json_array_fmt and use it in export_cred.c | Greg Hudson | 2013-02-13 | 1 | -261/+273
| Add a template-based array constructor for convenient marshalling of structured values as JSON array values. Use it to simplify export_cred.c.
* Make internal JSON functions return error codes | Greg Hudson | 2013-02-13 | 2 | -75/+97
| Return error codes (0, ENOMEM, or EINVAL) from JSON support functions instead of returning results directly. This makes error handling simpler for functions which assemble JSON objects and then return a krb5_error_code value. Adjust all callers. Use shims in export_cred.c to minimize changes there; it will be redesigned internally in a subsequent commit.
* Fix RFC 5587 const pointer typedefs | Greg Hudson | 2013-02-11 | 1 | -3/+3
| gss_const_ctx_id_t, gss_const_cred_id_t, and gss_const_name_t are supposed to be const pointers to the appropriate structures, not the structures themselves. These are not used by any prototypes yet, and no application would have any reason to use them as they are, so it should be safe to change them within the public header.
| ticket: 7567 (new)
| target_version: 1.11.1
| tags: pullup
* Add and use k5memdup, k5memdup0 helpers | Greg Hudson | 2013-02-09 | 4 | -15/+6
| Add k5-int.h static functions to duplicate byte ranges, optionally with a trailing zero byte, and set an error code like k5alloc does. Use them where they would shorten existing code.
* make depend | Greg Hudson | 2013-01-10 | 4 | -4/+4
| Mostly this gets rid of the trailing space on line 2 after bb76891f5386526bdf91bc790c614fc9296cb5fa.
* Rename ccache configuration macros | Zhanna Tsitkov | 2013-01-09 | 2 | -6/+6
| KRB5_CONF_ prefix should be used for the krb5/kdc.conf parameters. Use KRB5_CC_CONF_ prefix for cache configuration variables.
* Fix void pointer arithmetic in oid_ops.c | Greg Hudson | 2013-01-09 | 1 | -1/+1
| When asserting that out has advanced the expected number of bytes in generic_gss_str_to_oid, avoid adding to oid->elements, which is a void pointer. Instead subtract from out and compare.
| ticket: 7524
* Fix gss_str_to_oid and gss_oid_to_str edge cases | Greg Hudson | 2013-01-01 | 1 | -125/+121
| Neither function correctly handled OIDs whose second arc exceeds 47 (theoretically possible if the first arc is 2). gss_str_to_oid had additional problems: it used scanf, it didn't consistently protect against read overrun if the input buffer wasn't null-terminated, and it could get confused by + or - characters in the first two arcs. Fix gss_oid_to_str and rewrite gss_str_to_oid. Also add a test program.
| ticket: 7524 (new)
* Fix a small memory leak in util_errmap | Greg Hudson | 2013-01-01 | 1 | -12/+9
| Calls to gssint_mecherrmap_map_errcode would result in calling mecherror_copy with a zero-length mech OID, which would result in an OID with 0 for length and malloc(0) for elements. On platforms which return non-null from malloc(0), gssint_mecherrmap_destroy() wouldn't free the elements pointer. Avoid calling malloc(0) and don't use the length field to decide whether to free an elements pointer.
* Fix gss_str_to_oid for OIDs with zero-valued arcs | Luke Howard | 2013-01-01 | 1 | -6/+6
| gss_str_to_oid wasn't outputting any bytes for a zero-valued arc. It should output one byte with value 0.
| [ghudson@mit.edu: commit message]
| ticket: 7523 (new)
| target_version: 1.11.1
| tags: pullup
* Separate clpreauth and kdcpreauth interfaces | Greg Hudson | 2012-12-19 | 3 | -102/+102
| Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
* Style cleanup for internal error handling | Greg Hudson | 2012-12-19 | 1 | -1/+1
| Fix style issues in kerrs.c and errors.c. Rename error handling functions to use shorter k5_ prefix. Eliminate an inoperable krb5int_set_error() call in gic_opte_alloc and convert the other call to use krb5_set_error_message().
* Fix various integer issues | Greg Hudson | 2012-12-10 | 1 | -3/+3
| In kdc_util.c and spnego_mech.c, error returns from ASN.1 length functions could be ignored because they were assigned to unsigned values. In spnego_mech.c, two buffer size checks could be rewritten to reduce the likelihood of pointer overflow. In dump.c and kdc_preauth.c, calloc() could be used to simplify the code and avoid multiplication overflow. In pkinit_clnt.c, the wrong value was checked for a null result from malloc(), and the code could be simplified. Reported by Nickolai Zeldovich <nickolai@csail.mit.edu>.
| ticket: 7488
* Build fixes for windows | Ben Kaduk | 2012-12-05 | 1 | -1/+1
| Add entries to OBJS and SRCS as well as STLIBOBJS. Use KRB5_CALLCONV at function definition as well as declaration. Declare missing variable in _WIN32-conditional code.
| ticket: 7479 (new)
| tags: pullup
| target_version: 1.11
* Don't use void * arithmetic in interposed_oid | Greg Hudson | 2012-10-13 | 1 | -1/+2
|
* GENC should always export composite names | Luke Howard | 2012-10-03 | 2 | -10/+12
| RFC 6680 requires that gss_export_name_composite begin the output token with 04 02. So we must produce a composite token even if the name has no authdata, and be able to consume a composite token with no authdata attributes.
| [ghudson@mit.edu: expanded commit message]
| ticket: 7400 (new)
* Add SPI calls to import objects by mech oid | Simo Sorce | 2012-10-02 | 6 | -17/+85
| An interposer mech needs to be able to handle multiple mechanisms. When importing a mech token for a name, cred, or context, the interposer mech needs to know the mech type of the token being imported. To make this work, add SPI calls which accept a mech type argument.
| [ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
* Use interposer mechanisms in mechglue functions | Simo Sorce | 2012-10-02 | 14 | -112/+183
| Wherever a GSSAPI mechglue function accepts a mech OID from the caller, use gssint_select_mech_type() to choose the mechanism to use. Wherever a mechglue function outputs a mech OID to the caller, use gssint_get_public_oid() or gssint_make_public_oid_set() to expose the public mech OID.
| [ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
* Add primitives for using interposed mechanisms | Simo Sorce | 2012-10-02 | 2 | -4/+152
| Add gssint_select_mechanism() to determine what mechanism to use for a caller-specified OID, gssint_get_public_oid() to determine what mechanism to expose to the caller, and gssint_make_public_oid_set to translate an array of mech OIDs into a set of public OIDs. In gssint_get_mechanism(), match interposed OIDs as well as real ones.
| [ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
* Add support for loading interposer modules | Simo Sorce | 2012-10-02 | 2 | -24/+247
| Extend the syntax of the gss mech config file to allow a module type delimited by triangle brackets. If the module type is "interposer", flag the mechanism entry as being an interposer mechanism. A module marked as an interposer is loaded immediately (so it can interpose a built-in mechanism) and produces a list of OIDs to interpose. Interposer mechanisms are not exposed to applications.
| [ghudson@mit.edu: Stylistic changes, commit squashing, commit message]
* Keep verifier cred locked in accept_sec_context | Greg Hudson | 2012-09-21 | 1 | -15/+15
| It might have been safe to access the krb5 verifier cred without a lock before constrained delegation, but it is less likely to be safe now that we might access both the initiator and acceptor parts of the cred. Hold a lock on the cred for the full accept_sec_context operation.
| ticket: 7366 (new)
* Resolve verifier cred in accept_sec_context | Greg Hudson | 2012-09-21 | 1 | -2/+3
| If the verifier cred handle is of type GSS_C_BOTH, we need to resolve the initiator part of it in order to create a s4u2proxy delegated credential handle. (If it's of type GSS_C_ACCEPT, kg_resolve_cred won't do anything beyond locking and validating the credential.)
| ticket: 7356
* Refactor gss mech config parser | Greg Hudson | 2012-09-17 | 1 | -85/+53
| Use helper functions to shorten and clarify loadConfigFile.
* Delete unused internal mechglue functions | Greg Hudson | 2012-09-17 | 2 | -125/+0
| Get rid of gssint_get_mechanisms, gssint_mech_to_oid, and gssint_oid_to_mech, which constructed a list of mechanism names and mapped between mech names and OIDs. These functions were only used by gss_inquire_mechs_for_name, which now uses gss_indicate_mechs instead.
* Simplify gss_inquire_mechs_for_name | Greg Hudson | 2012-09-17 | 1 | -68/+45
| Use gss_indicate_mechs instead of gssint_get_mechanisms and gssint_mech_to_oid to iterate over the list of mechanism OIDs. Use a static helper to determine whether a mech supports a name type, avoiding most of the work done in the for loop. Use a cleanup handler. Don't leave partial results in the output parameter on error.
* Avoid leaks on gss_accept_sec_context errors | Simo Sorce | 2012-09-16 | 1 | -4/+5
| Failure handling during the postprocessing of mech->gss_accept_sec_context was inconsistent. In one case we delete the output token but leave the partly-constructed context present in *context_handle (violating RFC 2744 if this is the first call); in other cases we leave the output token in the caller's buffer but do destroy the partly-constructed context. Make this more consistent by always destroying the output token and partly-constructed context. (RFC 2744 prefers, but does not require, leaving the partly-constructed context present on error if it was present on entry. At the moment we are ignoring that preference.)
| [ghudson@mit.edu: Rewrote commit message with more details]
* Unregister error message key on library unload | Ben Kaduk | 2012-09-12 | 1 | -0/+1
| Revision fcdd2de1 added the K5_KEY_GSS_KRB5_ERROR_MESSAGE key, and registered it in the gssapi library initialization routine, but did not unregister it in the library finalization routine. When the library is unloaded and reloaded in the same process, this leads to an assertion failure, since we check that destructors_set[keynum] is zero (no destructor set) when registering a key in util/support/threads.c. Unregister the key on library cleanup to resolve the error.
| ticket: 7353
| target_version: 1.10.4
| tags: pullup
* make depend | Greg Hudson | 2012-09-12 | 2 | -0/+48
|
* Add SPNEGO support for GSS cred export and import | Greg Hudson | 2012-09-11 | 2 | -1/+51
| ticket: 7354
* Add krb5 support for GSS cred export and import | Greg Hudson | 2012-09-11 | 5 | -0/+1117
| Using the new internal JSON support to implement serialization and unserialization of krb5 GSS credentials.
| ticket: 7354
* Introduce gss_export_cred and gss_import_cred | Greg Hudson | 2012-09-11 | 6 | -0/+314
| Add gss_export_cred and gss_import_cred mechglue functions to serialize and unserialize GSSAPI credential handles. Mechanism implementations and tests will follow.
| ticket: 7354 (new)
* Add support for GSS_C_NT_COMPOSITE_EXPORT | Luke Howard | 2012-08-31 | 7 | -62/+78
| ticket: 7347 (new)
* Fix memory leak in gss_add_cred | Greg Hudson | 2012-08-30 | 1 | -0/+3
| The most recent commit to g_acquire_cred.c allocates an OID set to pass to the mech, but never releases it. Fix that.
* Run "make depend" | Tom Yu | 2012-08-23 | 1 | -0/+15
|
* Clean up k5buf_to_gss helper | Greg Hudson | 2012-08-23 | 2 | -5/+3
| k5buf_to_gss was used in only one place (generic_gss_oid_to_str), where we want to include the terminating null byte in the GSS buffer. Remove that assumption from the helper, and instead explicitly append the null byte to the buffer before translating.
* Use gssalloc in krb5_gss_export_name | Greg Hudson | 2012-08-11 | 1 | -1/+1
| krb5_gss_export_name uses malloc to construct a gss_buffer_desc value, and should use gssalloc_malloc instead.
| ticket: 7233
* Use gssalloc in more parts of GSSAPI | Greg Hudson | 2012-08-11 | 5 | -11/+13
| Fix some GSSAPI buffer allocations which were missed in 800358b1790ef82710af0b6021c6ff2dca2b0de7: gss_export_sec_context, gss_display_name, and IAKERB and SPNEGO token construction.
| ticket: 7233 (new)
| tags: pullup
* Add debug mode to gssapi_alloc.h | Greg Hudson | 2012-08-11 | 3 | -23/+79
| Because the gssalloc macros are normally equivalent to malloc and free on Unix, we cannot use the full test suite to find cases where we allocate with malloc and free with gssalloc_free or vice versa. Provide a way to test for this kind of bug (if only in a special build configuration) by supporting a DEBUG_GSSALLOC symbol, which causes the gssalloc wrappers to be deliberately incompatible with malloc and free.
* Remove gss_mechanism_ext | Simo Sorce | 2012-08-08 | 5 | -124/+26
| This function did not serve any useful purpose. Remove it and the special case it creates; move the only function it contained to the main gss_mechanism structure where it belongs. Note that the function name is preserved so that loadable modules are not affected by this change.
* Pass the actual mech oid in creds functions | Simo Sorce | 2012-08-06 | 2 | -11/+34
| This way the mechanism handler knows what mech type is intended. This allows plugins that implement multiple mechanisms or interposer plugins to know what they are being asked to do.
* Always consider desired_mechs empty in spnego (2) | Simo Sorce | 2012-08-06 | 1 | -9/+7
| Follow previous change to add_cred_from. The only case where the spnego gss_*_cred_* functions can be called with specific OIDs is if the mechglue calls spnego with the spnego oid, which we never want to loop on anyway. So always consider it as null, it's the correct behavior with current semantics.
* Reuse code to free gss_mech_info structure | Simo Sorce | 2012-08-05 | 1 | -21/+4
|
* Always consider desired_mechs empty in spnego | Simo Sorce | 2012-08-03 | 1 | -18/+4
| The only case where the spnego gss_acquire_cred function can be called with specific OIDs is if the mechglue calls spnego with the spnego oid, which we never want to loop on anyway. So always consider it as null, it's the correct behavior with current semantics.
* Make gss_ctx_id_t truly opaque | Simo Sorce | 2012-08-03 | 5 | -6/+6
| This allows us to still use it for type safety in the APIs while at the same time preventing code from trying to dereference internal_ctx_id by mistake.