summaryrefslogtreecommitdiffstats
path: root/src/lib/gssapi
Commit message (Collapse)AuthorAgeFilesLines
...
* Use gss_set_cred_option instead of (undeclared) gssspi_set_cred_optionKen Raeburn2010-10-021-4/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24410 dc483132-0cff-0310-8789-dd5450dbe970
* A cleaner impleentation of r24399 which adds two new auth context APIsGreg Hudson2010-10-011-4/+7
| | | | | | | | | (and is therefore less suitable for backporting to 1.8) but doesn't reach inside the auth context structure in the krb5 mechanism code. ticket: 6768 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24400 dc483132-0cff-0310-8789-dd5450dbe970
* GSSAPI forwarded credentials must be encrypted in session keyGreg Hudson2010-10-011-3/+11
| | | | | | | | | | | | | | | When IAKERB support was added, the krb5_mk_req checksum function gained access to the send subkey. This caused GSSAPI forwarded credentials to be encrypted in the subkey, which violates RFC 4121 section 4.1.1 and is not accepted by Microsoft's implementation. Temporarily null out the send subkey in the auth context so that krb5_mk_ncred uses the session key instead. ticket: 6768 target_version: 1.8.4 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24399 dc483132-0cff-0310-8789-dd5450dbe970
* Use IAKERB OID header for all IAKERB messages including AP-REQLuke Howard2010-09-274-4/+16
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24363 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify acquire_accept_cred very slightly, avoiding some long linesGreg Hudson2010-09-271-7/+6
| | | | | | and repeated macro calls. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24357 dc483132-0cff-0310-8789-dd5450dbe970
* Add gss_krb5_import_credGreg Hudson2010-09-2713-273/+577
| | | | | | | | | | | | Add gss_krb5_import_cred from Heimdal; allows krb5 creds to be acquired from a keytab or ccache into a GSSAPI credential without using global process or thread variables. Merged from the users/lhoward/import-cred branch. ticket: 6785 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24356 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2010-09-083-164/+211
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24298 dc483132-0cff-0310-8789-dd5450dbe970
* Allow krb5_gss_register_acceptor_identity to unset keytab nameGreg Hudson2010-08-192-10/+8
| | | | | | | | | | | | | krb5_gss_register_acceptor_identity sets a mutex-locked global (not thread-specific) variable containing a keytab name. This change allows the variable to be unset by passing a null value. A more elegant long-term solution to the problem is Heimdal's gss_krb5_import_cred function. ticket: 6758 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24242 dc483132-0cff-0310-8789-dd5450dbe970
* Remove two unused source files in lib/gssapi/genericGreg Hudson2010-08-122-118/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24238 dc483132-0cff-0310-8789-dd5450dbe970
* Add correct error table when initializing gss-krb5Greg Hudson2010-06-211-1/+1
| | | | | | | | | | | | | | | gss_krb5int_lib_init was adding the generic GSS error table (again) instead of the krb5 error table, which could lead to crashes on library unload. This bug was introduced in krb5 1.7; the fix is also applicable there. Patch from Leonardo Chiquitto <leonardo.lists@gmail.com>. ticket: 6745 target_version: 1.8.3 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24139 dc483132-0cff-0310-8789-dd5450dbe970
* Stop checking the current time against the context expiration time inGreg Hudson2010-06-083-29/+3
| | | | | | | | | | | | | | | | the message wrap/unwrap functions in the krb5 GSS mech. Heimdal doesn't do it, and it generally results in poor app behavior when a ticket expires. In exchange, it doesn't provide much security benefit since it's not enforced across the board--for example, ssh sessions can persist beyond ticket expiration time since they don't use GSS to wrap payload data. (This is a continuation of r24120, which should have contained the changes to all four files.) ticket: 6739 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24121 dc483132-0cff-0310-8789-dd5450dbe970
* Stop checking the current time against the context expiration time inGreg Hudson2010-06-081-14/+0
| | | | | | | | | | | | | | | the message wrap/unwrap functions in the krb5 GSS mech. Heimdal doesn't do it, and it generally results in poor app behavior when a ticket expires. In exchange, it doesn't provide much security benefit since it's not enforced across the board--for example, ssh sessions can persist beyond ticket expiration time since they don't use GSS to wrap payload data. ticket: 6739 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24120 dc483132-0cff-0310-8789-dd5450dbe970
* make dependGreg Hudson2010-06-073-264/+270
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24119 dc483132-0cff-0310-8789-dd5450dbe970
* make dependGreg Hudson2010-05-281-15/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24109 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to detect and ignore a duplicateTom Yu2010-05-201-0/+12
| | | | | | | | | | | mechanism token sent in the mechListMIC field, such as sent by Windows 2000 Server. ticket: 6726 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24075 dc483132-0cff-0310-8789-dd5450dbe970
* In gss_acquire_cred_with_password() and gss_add_cred_with_password(),Greg Hudson2010-05-201-38/+23
| | | | | | | require desired_name to be set, and always honor it. This is consistent with the Sun implementation and simplifies the code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24072 dc483132-0cff-0310-8789-dd5450dbe970
* CVE-2010-1321 GSS-API lib null pointer deref (MITKRB5-SA-2010-005)Tom Yu2010-05-191-0/+7
| | | | | | | | | | | Make krb5_gss_accept_sec_context() check for a null authenticator checksum pointer before attempting to dereference it. ticket: 6725 tags: pullup target_version: 1.8.2 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24056 dc483132-0cff-0310-8789-dd5450dbe970
* If gss_inquire_cred is called with a null credential, acquire aGreg Hudson2010-05-171-44/+13
| | | | | | | | default initiator credential and process it normally, instead of using a completely different code path (the default mechanism's inquire_cred handler). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24052 dc483132-0cff-0310-8789-dd5450dbe970
* The mechglue always passes null for desired_mechs and actual_mechsGreg Hudson2010-05-177-244/+30
| | | | | | | when invoking gss_acquire_cred and friends. Eliminate a lot of unused and untestable logic in the krb5 mech which processed those arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24051 dc483132-0cff-0310-8789-dd5450dbe970
* The mechglue never invokes a mech's gss_add_cred function. Remove theGreg Hudson2010-05-174-411/+1
| | | | | | | | krb5 mech's add_cred implementation and null it out in the table. (This has the effect of removing the IAKERB add_cred implementation. SPNEGO already had it nulled out.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24050 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-05-162-0/+22
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24041 dc483132-0cff-0310-8789-dd5450dbe970
* Fix some bugs in the IAKERB code discovered by Coverity. Also trimGreg Hudson2010-05-012-28/+16
| | | | | | | down iakerb_initiator_step() a little using krb5_data constructors and avoiding vertical function arguments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23961 dc483132-0cff-0310-8789-dd5450dbe970
* Add IAKERB mechanism and gss_acquire_cred_with_passwordGreg Hudson2010-04-3022-303/+2413
| | | | | | | | | | | | | | Merge branches/iakerb to trunk. Includes the following: * New IAKERB mechanism. * New gss_acquire_cred_with_password mechglue function. * ASN.1 encoders and decoders for IAKERB structures (with tests). * New shortcuts in gss-sample client and server. * Tests to exercise SPNEGO and IAKERB using gss-sample application. ticket: 6712 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23960 dc483132-0cff-0310-8789-dd5450dbe970
* In kg_new_connection(), make sure k_cred is freed in all failureGreg Hudson2010-04-221-3/+2
| | | | | | cases. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23926 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to cease freeing error tokens output byTom Yu2010-04-221-3/+0
| | | | | | | | | | | accept_sec_context, allowing them to actually be sent to the initiator. ticket: 6696 target_version: 1.8.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23925 dc483132-0cff-0310-8789-dd5450dbe970
* Amend r23917 to correct some uses of *out_creds which should now useGreg Hudson2010-04-211-3/+2
| | | | | | the local variable. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23918 dc483132-0cff-0310-8789-dd5450dbe970
* In the get_credentials() helper of the gss-krb5 init_sec_context code,Greg Hudson2010-04-211-2/+8
| | | | | | ensure that *out_creds is only filled in on successful return. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23917 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to not use freed memory inTom Yu2010-03-231-1/+2
| | | | | | | | | | gss_import_sec_context in some error paths. ticket: 6678 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23834 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGOTom Yu2010-03-231-22/+16
| | | | | | | | | | | The SPNEGO implementation in krb5-1.7 and later could crash due to assertion failure when receiving some sorts of invalid GSS-API tokens. ticket: 6690 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23832 dc483132-0cff-0310-8789-dd5450dbe970
* Release the internal_name field of a SPNEGO context if it has not beenGreg Hudson2010-03-051-0/+3
| | | | | | | | | | claimed for a caller argument. ticket: 6674 target_version: 1.8.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23772 dc483132-0cff-0310-8789-dd5450dbe970
* Explain the current SPNEGO initiator/acceptor design in comments. NoGreg Hudson2010-02-221-11/+66
| | | | | | code changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23743 dc483132-0cff-0310-8789-dd5450dbe970
* Fix two unrelated problems in SPNEGO which don't crop up with the krb5Greg Hudson2010-02-221-10/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | mechanism. 1. The third call to spnego_init_accept_context uses faulty logic to determine if the exchange is complete, preventing a third mech token from being sent to the acceptor if no MIC exchange is required. Follow the logic used in the second call (in init_ctx_nego), which is correct. 2. If the acceptor selects a mech other than the optimistic mech, it sets sc->mic_reqd to 1 whether or not the selected mech supports MICs (which isn't known until the mech completes). Most code outside of handle_mic checks sc->mic_reqd along with (sc->ctx_flags & GSS_C_INTEG_FLAG), but the code in acc_ctx_call_acc neglected to do so, so it could improperly delegate responsibility for deciding when the negotiation was finished to handle_mic--which never gets called if (sc->ctx_flags & GSS_C_INTEG_FLAG) is false. Fix acc_ctx_call_acc to check sc->ctx_flags so that mechs which don't support integrity protection can complete if they are selected non-optimistically. ticket: 6603 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23742 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-02-201-0/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23740 dc483132-0cff-0310-8789-dd5450dbe970
* Clarify the SPNEGO NegHints code and plug two cases where half-createdGreg Hudson2010-02-131-25/+19
| | | | | | context could be leaked. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23722 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify the SPNEGO neg_mechs intersection logic a bit usingGreg Hudson2010-02-121-7/+6
| | | | | | gss_test_oid_set_member. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23717 dc483132-0cff-0310-8789-dd5450dbe970
* Implement gss_set_neg_mechsGreg Hudson2010-02-109-81/+301
| | | | | | | | | | | | | | | | | Implement gss_set_neg_mechs in SPNEGO by intersecting the provided mech set with the mechanisms available in the union credential. As we now need space to hold the mech set, the SPNEGO credential is now a structure and not just a mechglue credential. t_spnego.c is a test program which exercises the new logic. Like the other GSSAPI tests, it is not run as part of "make check" at this time. ticket: 6658 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23715 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to handle the case where a mechanismTom Yu2010-02-051-2/+10
| | | | | | | | | | | implements set_cred_option but does not implement the requested option. ticket: 6601 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23698 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to avoid segfault if a mechTom Yu2010-02-051-0/+5
| | | | | | | | | | gss_inquire_context returns GSS_C_NO_NAME for the target name. ticket: 6600 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23696 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to return a comparable static OID objectTom Yu2010-02-051-0/+3
| | | | | | | | | | | instead of the application-passed (probably dynamically allocated) OID, to avoid use-after-free problems. ticket: 6598 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23695 dc483132-0cff-0310-8789-dd5450dbe970
* define MIN() in lib/gssapi/krb5/prf.cTom Yu2010-01-261-0/+4
| | | | | | | | | | | | Apply patch from Doug Engert to define MIN(), which was causing prf.c to fail compilation on Solaris. (The definition was probably leaking from sys/param.h, included indirectly somehow.) ticket: 6648 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23673 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-01-032-0/+36
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULLEzra Peisach2010-01-031-3/+5
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23572 dc483132-0cff-0310-8789-dd5450dbe970
* Whitespace fixes for new anonymous supportGreg Hudson2009-12-281-1/+2
| | | | | | ticket: 6607 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970
* Anonymous support for KerberosSam Hartman2009-12-282-2/+18
| | | | | | | | | | | | | | | | | | | | | | This ticket implements Project/Anonymous pkinit from k5wiki. Provides support for completely anonymous principals and untested client support for realm-exposed anonymous authentication. * Introduce kinit -n * Introduce kadmin -n * krb5_get_init_creds_opt_set_out_ccache aliases the supplied ccache * No longer generate ad-initial-verified-cas in pkinit * Fix pkinit interactions with non-TGT authentication Merge remote branch 'anonymous' into trunk Conflicts: src/lib/krb5/krb/gic_opt.c ticket: 6607 Tags: enhancement git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23527 dc483132-0cff-0310-8789-dd5450dbe970
* Add a set_cred_option handler for SPNEGO which forwards to theGreg Hudson2009-12-212-1/+25
| | | | | | | | | | | | underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and copying of SPNEGO initiator creds in both 1.7 and trunk. Patch provided by nalin@redhat.com. ticket: 6594 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a cleanup handler in the store_creds code; krb5_cc_close doesn'tGreg Hudson2009-12-171-2/+2
| | | | | | handle NULL arguments, so we have to check. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23480 dc483132-0cff-0310-8789-dd5450dbe970
* Add GSS extensions to store credentials, generate random bitsGreg Hudson2009-12-1715-2/+511
| | | | | | | | | Merge /users/lhoward/gssextras-no-cqa to trunk. Adds gss_pseudo_random and gss_store_cred. ticket: 6597 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23479 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent lib/gssapi, with some exceptionsTom Yu2009-12-0864-312/+312
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23457 dc483132-0cff-0310-8789-dd5450dbe970
* ReindentZhanna Tsitkov2009-11-301-35/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23393 dc483132-0cff-0310-8789-dd5450dbe970
* Remove the non-iov entry point introduced in r23378, since it's easyGreg Hudson2009-11-291-5/+6
| | | | | | | | to use the iov entry point at both call sites. Rename the iov entry point to remove the "_iov" suffix since it's no longer needed to disambiguate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23381 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-28 11:09:35 +0000