summaryrefslogtreecommitdiffstats
path: root/src/lib/kadm5/srv
Commit message (Collapse)AuthorAgeFilesLines
* make dependGreg Hudson2014-07-081-15/+33
|
* Include autoconf.h before system headersGreg Hudson2014-07-083-8/+2
| | | | | | | | | Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961
* Use k5_setmsgGreg Hudson2014-06-054-12/+11
| | | | | | Replace most calls to krb5_set_error_message with k5_setmsg for brevity. Leave alone plugin sources where we don't include k5-int.h (mostly PKINIT).
* Remove adb_policy_init and adb_policy_closeTomas Kuthan2014-04-043-24/+1
| | | | | | | | | | | Since f72c3ffa the policy is initialized as part of database. adb_policy_close is now a no-op, and adb_policy_init just makes sure the database is initialized. adb_policy_init is only called from kadm5_flush, and only if database initialization was successful beforehand, rendering this call redundant. Remove adb_policy_init and adb_policy_close and all their references in the code and documentation.
* Fix leak in kadm5_flush with LDAP KDBTomas Kuthan2014-04-041-1/+1
| | | | | | | | | | | | | Due to an inverted test in adb_policy_init, kadm5_flush calls krb5_db_open twice. With the DB2 KDB module, the second open is a no-op, but with the LDAP module, a new DB handle is allocated and the old one is leaked. [ghudson@mit.edu: rewrote commit message] ticket: 7897 (new) target_version: 1.12.2 tags: pullup
* Stop generating gssapi_krb5.hGreg Hudson2014-02-261-4/+4
| | | | | | | We started generating gssapi_krb5.h from gssapi_krb5.hin when we needed to use a 64-bit type for lucid contexts. Since we can now assume a standard name for 64-bit types, we can stop generating the header.
* Simplify ulog_mapGreg Hudson2014-02-201-4/+3
| | | | | | | | | | | | | | | | | | | | Get rid of the caller parameter. The kproplog semantics (without -R) for mapping the ulog are simple and almost completely different from other users of the ulog, so implement them as a static helper in kproplog. With hierarchical iprop, kpropd will need the same semantics as FKCOMMAND and FKADMIND, which were already identical. Get rid of the db_args parameter, since ulog_map no longer opens the database after #7552. Remove an inoperative lseek() call when creating a new ulog file. Rename ulog_filesize to filesize and compute it from scratch each time we use it, for easier analysis. If kdb_hmagic is zero, init the ulog header but don't skip the rest of the function; it's possible that we need to expand the ulog file. Remove an unneeded conditional before calling extend_file_to for an existing ulog. ticket: 7855
* Make salt defaulting work for keysaltsTom Yu2014-01-062-3/+3
| | | | | | | | | | Make krb5_string_to_keysalts() default to only ":" as a key:salt separator character. Change most of its callers to pass NULL so they get the default separators. Adapted from a patch proposed by Jon Looney. ticket: 884
* Don't cache active master key list in kadmindGreg Hudson2013-10-252-18/+23
| | | | | | | | | | | "kdb5_util use_mkey" should not require a kadmind restart to take effect. At the cost of fetching the K/M principal once for each key change operation, make kadmind use the current active master key list for each operation. ticket: 7685 target_version: 1.12 tags: pullup
* Add kadmin support for principals without keysGreg Hudson2013-07-151-3/+8
| | | | | | | | | Add kadmin support for "addprinc -nokey", which creates a principal with no keys, and "purgekeys -all", which deletes all keys from a principal. The KDC was modified by #7630 to support principals without keys. ticket: 7679 (new)
* Avoid allocating zero key_data structuresGreg Hudson2013-07-151-11/+13
| | | | | | | | When we allocate space for an array of key_data structures, make sure we allocate at least one, so we don't spuriously fail on platforms where malloc(0) returns NULL. Where we use malloc, use k5calloc instead. Where we use krb5_db_alloc or realloc, just allocate an extra entry.
* Use k5calloc instead of k5alloc where appropriateGreg Hudson2013-07-113-3/+3
| | | | | Wherever we use k5alloc with a multiplication in the size parameter,, use the new k5calloc helper function instead.
* Fix various warningsGreg Hudson2013-06-073-8/+11
|
* Reduce boilerplate in makefilesGreg Hudson2013-05-161-3/+0
| | | | | | | | | Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content.
* make dependGreg Hudson2013-03-241-23/+19
|
* Add and use k5memdup, k5memdup0 helpersGreg Hudson2013-02-091-5/+3
| | | | | | Add k5-int.h static functions to duplicate byte ranges, optionally with a trailing zero byte, and set an error code like k5alloc does. Use them where they would shorten existing code.
* Get rid of krb5_read_realm_paramsGreg Hudson2013-01-161-2/+0
| | | | | | | Read realm parameters directly from the profile in the KDC's init_realm(), getting rid of the intermediate krb5_realm_params structure. Then get rid of krb5_realm_params and krb5_read_realm_params, since nothing else uses it.
* Simplify KDC host referral codeGreg Hudson2013-01-111-1/+0
| | | | | | | | | | | Remove some unnecessary optimizations to reduce code complexity. Get rid of krb5_match_config_pattern in favor of a simpler helper function in do_tgs_req_c. Get rid of KRB5_CONF_ASTERISK and just use "*" instead. Use a helper function to combine [kdcdefaults] and realm subsection values of variables, and don't bother adding leading and trailing spaces. Consistently use the names "hostbased" and "no_referral" to refer to variable values (with a "realm_" prefix for structures which currently use it).
* make dependGreg Hudson2013-01-101-1/+1
| | | | | Mostly this gets rid of the trailing space on line 2 after bb76891f5386526bdf91bc790c614fc9296cb5fa.
* Fold kadm5 internal policy functions into callersGreg Hudson2013-01-093-57/+8
| | | | | | | | | kadm5_create_policy and kadm5_modify_policy had _internal variants in libkadm5srv (but not libkadm5clnt) which only existed to protect the policy_refcnt field from modification over the wire. Now that policy_refcnt is no longer used, we don't need the separation. Bump the library soname since this is technically an ABI change.
* Allow principals to refer to nonexistent policiesGreg Hudson2013-01-092-175/+65
| | | | | | | | | | | | | | Stop using and maintaining the policy_refcnt field, and do not try to prevent deletion of a policy which is still referenced by principals. Instead, allow principals to refer to policy names which do not exist as policy objects; treat those principals as having no associated policy. In the kadmin client, warn if addprinc or modprinc tries to reference a policy which doesn't exist, since the server will no longer error out in this case. ticket: 7385
* Fix various result checksNickolai Zeldovich2013-01-071-1/+1
| | | | | | | | | | | Correct three cases where the wrong expression was checked to see if an allocation function returned null. [ghudson@mit.edu: commit message, patch splitting] ticket: 7534 target_version: 1.11.1 tags: pullup
* Separate clpreauth and kdcpreauth interfacesGreg Hudson2012-12-191-12/+12
| | | | | | | Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
* Fix apply_keysalt_policy bugGreg Hudson2012-08-151-1/+1
| | | | | | | | | If apply_keysalt_policy is called with null result arguments (as from kadm5_setkey_principal_3), we would dereference a null pointer if the principal has no policy or no policy allowed_keysalts field, due to an incorrect optimization. Reported by Nico. ticket: 7223
* Constify krb5_string_to_keysalts()'s string argNicolas Williams2012-07-301-1/+1
|
* Policy extensions + new policy: allowed ks typesNicolas Williams2012-07-303-52/+398
| | | | | | | | | | | | | | | | | This simply adds KADM5_API_VERSION_4 and various fields to the policy structures: - attributes (policy-ish principal attributes) - max_life (max ticket life) - max_renewable_life (max ticket renewable life) - allowed_keysalts (allowed key/salt types) - TL data (future policy extensions) Of these only allowed_keysalts is currently implemented. Some refactoring of TL data handling is also done. ticket: 7223 (new)
* Fix -DDEBUG compilation errorsHenry B. Hotz2012-06-042-3/+3
| | | | ticket: 7150
* Null pointer deref in kadmind [CVE-2012-1013]Richard Basch2012-05-291-1/+1
| | | | | | | | | | | | | | | | The fix for #6626 could cause kadmind to dereference a null pointer if a create-principal request contains no password but does contain the KRB5_KDB_DISALLOW_ALL_TIX flag (e.g. "addprinc -randkey -allow_tix name"). Only clients authorized to create principals can trigger the bug. Fix the bug by testing for a null password in check_1_6_dummy. CVSSv2 vector: AV:N/AC:M/Au:S/C:N/I:N/A:P/E:H/RL:O/RC:C [ghudson@mit.edu: Minor style change and commit message] ticket: 7152 target_version: 1.10.2 tags: pullup
* Add missing $(LIBS) to some shared librariesTom Yu2012-05-171-1/+1
| | | | | | | | | | Add $(LIBS) to the $(SHLIB_EXPLIBS) for some shared libraries which did not previously include it, which prevented gcov from working properly in some cases. Patch from W. Trevor King. ticket: 7138
* Allow clearpolicy restriction for kadmin addprincGreg Hudson2012-04-261-4/+5
| | | | | | | | | | Although the kadmin client never generates a KADM5_POLICY_CLR mask bit with addprinc, the bit will be set if a kadm5.acl line imposes the -clearpolicy restriction. Relax the sanity checking in kadm5_create_principal_3 to allow KADM5_POLICY_CLR as long as KADM5_POLICY is not also set. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25827 dc483132-0cff-0310-8789-dd5450dbe970
* Try all history keys to decrypt password historyGreg Hudson2012-04-242-43/+58
| | | | | | | | | | | | | A database created prior to 1.3 will have multiple password history keys, and kadmin prior to 1.8 won't necessarily choose the first one. So if there are multiple keys, we have to try them all. If none of the keys can decrypt a password history entry, don't fail the password change operation; it's not worth it without positive evidence of password reuse. ticket: 7099 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25819 dc483132-0cff-0310-8789-dd5450dbe970
* Fix password reuse check with cpw -keepoldGreg Hudson2012-04-041-0/+3
| | | | | | | | | | | | | | | | | When we check for password reuse, only compare keys with the most recent kvno against history entries, or else we will always fail with -keepold. This bug primarily affects rollover of cross-realm TGT principals, which typically use password-derived keys and may have an associated password policy such as "default". Bug report and candidate fix (taken with a slight modification) by Nicolas Williams. ticket: 7110 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25801 dc483132-0cff-0310-8789-dd5450dbe970
* Suppress some gcc uninitialized variable warningsGreg Hudson2012-03-221-1/+1
| | | | | | | | ticket: 7107 gcc 4.6.2 reportedly finds some spurious maybe-uninitialized warnings. Suppress them. Patch from Eray Aslan with some adjustment. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25783 dc483132-0cff-0310-8789-dd5450dbe970
* Only store master mey list in DAL handleGreg Hudson2012-03-213-25/+17
| | | | | | | | | | | | | | r24314 (#6778) created a hybrid owernship model for the master key list, with one virtual copy stored in the DAL handle and one provided to the caller of krb5_db_fetch_mkey_list. Replace this with a model where only the DAL handle owns the list, and a caller can get access to an alias pointer with a new function krb5_db_mkey_list_alias(). Functions which previously accepted the master key list as an input parameter now expect to find it in the DAL handle. Patch by Will Fiveash <will.fiveash@oracle.com>. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25781 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor salt computation into libkdb5Greg Hudson2011-10-241-47/+15
| | | | | | | Add a new API krb5_dbe_compute_salt() to determine the salt for a key data entry, and use it in the three places we currently compute salts. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25410 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2011-10-141-6/+6
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344 dc483132-0cff-0310-8789-dd5450dbe970
* Add kadmin functionality for string attributesGreg Hudson2011-09-212-0/+59
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25215 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-041-1/+1
| | | | | | | Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of variables triggering gcc's "defined but not used"Ken Raeburn2011-09-045-20/+0
| | | | | | complaints, almost entirely "rcsid" variables. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25141 dc483132-0cff-0310-8789-dd5450dbe970
* Make fewer db lookups in kadm5_create_principal_3Greg Hudson2011-06-241-19/+10
| | | | | | | | By creating the password history entry earlier in the function, we can avoid the need to look up the principal entry twice just to save a copy of the key data. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24990 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a minor memory leak in the pwqual loaderGreg Hudson2011-06-231-0/+1
| | | | | | | k5_pwqual_free_handles() wasn't freeing the container structure for each handle. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24986 dc483132-0cff-0310-8789-dd5450dbe970
* Mark up strings for translationGreg Hudson2011-06-108-19/+25
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-099-42/+24
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-251-26/+31
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* In kadm5_rename_principal, fix an oversight which would cause errorsGreg Hudson2011-02-131-1/+2
| | | | | | from krb5_principal2salt_norealm to be ignored. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24637 dc483132-0cff-0310-8789-dd5450dbe970
* Make principal renaming work in libkadm5srv by converting to explicitGreg Hudson2011-01-251-15/+49
| | | | | | | | | | | salts as necessary. Add a principal rename command to the client. (The RPC infrastructure was already present.) Adapted from patches submitted by mdw@umich.edu and lha@apple.com. ticket: 6323 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24604 dc483132-0cff-0310-8789-dd5450dbe970
* update dependenciesKen Raeburn2010-12-051-15/+15
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24561 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-281-1/+1
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_error_message cannot return NULL, and returns "Success" onGreg Hudson2010-11-011-4/+2
| | | | | | error code 0. Simplify some overly paranoid code accordingly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24489 dc483132-0cff-0310-8789-dd5450dbe970
* Add a kadm5 RPC for purging old keys from the KDB (e.g., fromTom Yu2010-10-082-0/+64
| | | | | | | | | | | | | | | change_password -keepold), and add a kadmin CLI command for it. Keeping ticket open because an automated test needs to be added. Long-term future work includes start/expire dates on keys, or not-yet-valid flags. ticket: 1219 status: open target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24442 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-10-05 09:22:33 +0000