summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5/krb
Commit message (Collapse)AuthorAgeFilesLines
...
* Get rid of periods in Python test success messagesGreg Hudson2011-11-032-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5_check_clockskew publicGreg Hudson2011-10-314-4/+4
| | | | | | | | | | | | Rename krb5int_check_clockskew to krb5_check_clockskew and make it public, in order to give kdcpreauth plugins a way to check timestamps against the configured clock skew. ticket: 6996 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25424 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5_find_authdata publicGreg Hudson2011-10-253-25/+17
| | | | | | | | | | Rename krb5int_find_authdata to krb5_find_authdata and make it public. ticket: 6992 target_version: 1.10 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25414 dc483132-0cff-0310-8789-dd5450dbe970
* Allow rd_priv/rd_safe without remote addressGreg Hudson2011-10-153-12/+18
| | | | | | | | | | | | | | Allow krb5_rd_priv and krb5_rd_safe to work when there is no remote address set in the auth context, unless the KRB5_AUTH_CONTEXT_DO_TIMES flag is set (in which case we need the remote address for the replay cache name). Note that failing to set the remote address can create a vulnerability to reflection attacks in some protocols, although it is fairly easy to defend against--either use sequence numbers, or make sure that requests don't look like replies, or both. ticket: 6978 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25355 dc483132-0cff-0310-8789-dd5450dbe970
* Rename PAC type constants to avoid conflictsGreg Hudson2011-10-152-29/+46
| | | | | | | | Since the PAC type constants are now exposed in krb5.h, give them a KRB5_ prefix so they don't conflict with similar PAC type constants in other packages, like Samba. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25352 dc483132-0cff-0310-8789-dd5450dbe970
* Hide gak_fct interface and arguments in clpreauthGreg Hudson2011-10-154-89/+69
| | | | | | | | | | | | | | | | | | | | | | Remove the gak_fct, gak_data, salt, s2kparams, and as_key arguments of krb5_clpreauth_process_fn and krb5_clpreauth_tryagain_fn. To replace them, add two callbacks: one which gets the AS key using the previously selected etype-info2 information, and a second which lets the module replace the AS key with one it has computed. This changes limits module flexibility in a few ways. Modules cannot check whether the AS key was already obtained before asking for it, and they cannot use the etype-info2 salt and s2kparams for purposes other than getting the password-based AS key. It is believed that of existing preauth mechanisms, only SAM-2 preauth needs more flexibility than the new interfaces provide, and as an internal legacy mechanism it can cheat. Future mechanisms should be okay since the current IETF philosophy is that etype-info2 information should not be used for other purposes. ticket: 6976 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25351 dc483132-0cff-0310-8789-dd5450dbe970
* make dependTom Yu2011-10-141-0/+11
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344 dc483132-0cff-0310-8789-dd5450dbe970
* Make krb5_pac_sign publicGreg Hudson2011-10-122-16/+12
| | | | | | | | | | | | krb5int_pac_sign was created as a private API because it is only needed by the KDC. But it is actually used by DAL or authdata plugin modules, not the core KDC code. Since plugin modules should not need to consume internal libkrb5 functions, rename krb5int_pac_sign to krb5_pac_sign and make it public. ticket: 6974 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25325 dc483132-0cff-0310-8789-dd5450dbe970
* Minor cleanups to encrypted challengeGreg Hudson2011-10-071-34/+26
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25320 dc483132-0cff-0310-8789-dd5450dbe970
* Use built-in modules for encrypted timestampGreg Hudson2011-10-074-80/+147
| | | | | | | | Break out the encrypted timestamp code from kdc_preauth.c and preauth2.c into built-in modules, allowing admins to disable it and reducing the size of the framework code. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25319 dc483132-0cff-0310-8789-dd5450dbe970
* Ditch fast_factor.h since it contains only stubsGreg Hudson2011-10-062-5/+3
| | | | | | | | Leave a comment behind where we called fast_set_kdc_verified(). Remove the call to fast_kdc_replace_reply_key() since it's wrong (encrypted challenge doesn't replace the reply key in that sense). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25317 dc483132-0cff-0310-8789-dd5450dbe970
* Use type-safe callbacks in preauth interfaceGreg Hudson2011-10-062-108/+27
| | | | | | | | | | | | | | | Replace the generic get_data functions in clpreauth and kdcpreauth with structures containing callback functions. Each structure has a minor version number to allow adding new callbacks. For simplicity, the new fast armor key callbacks return aliases, which is how we would supply the armor key as a function parameter. The new client keys callback is paired with a free_keys callback to reduce the amount of cleanup code needed in modules. ticket: 6971 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25315 dc483132-0cff-0310-8789-dd5450dbe970
* Use an opaque handle in the kdcpreauth callbackGreg Hudson2011-10-051-1/+0
| | | | | | | | | | | | | | Instead of passing a request and entry to the kdcpreauth get_data callback, pass an opaque handle. Remove DB entry and key data parameters from kdcpreauth methods (but keep the request, since that's transparent). The SecurID plugin links against libkdb5 and needs access to the client DB entry. Rather than continue to pass a DB entry to kdcpreauth methods, add a get_data callback to get the client DB entry for the few plugins which might need it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25300 dc483132-0cff-0310-8789-dd5450dbe970
* Eliminate domain-based client realm walkGreg Hudson2011-09-282-26/+50
| | | | | | | | | | | | | | | | | For a very long time, KDCs have known how to perform a domain-based realm walk when serving requests for TGTs. (So if a KDC for A.B.C receives a request for krbtgt/X.B.C and doesn't have that principal, it can return one for krbtgt/B.C instead.) Performing the same heuristic on the client is unnecessary and inefficient in common cases. Add a new function k5_client_realm_path to walk_rtree.c which uses capaths values only, and returns a list of realms (as desired by get_creds.c) instead of TGT names. ticket: 6966 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25241 dc483132-0cff-0310-8789-dd5450dbe970
* Fix an error case in encrypted timestamp preauthGreg Hudson2011-09-271-3/+1
| | | | | | | | | If krb5_encrypt_helper returns an error, it's not the caller's responsibility to free enc_data.ciphertext, and in one case (if krb5_c_encrypt_length returns an error) it won't have been initialized. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25239 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesEzra Peisach2011-09-261-0/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25235 dc483132-0cff-0310-8789-dd5450dbe970
* Don't use accessor in encrypted challengeGreg Hudson2011-09-241-10/+7
| | | | | | | Now that the encrypted challenge code is linked into libkrb5 and the KDC, it's unnecessary to use the accessor there. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25229 dc483132-0cff-0310-8789-dd5450dbe970
* Recast encrypted challenge as linked built-insGreg Hudson2011-09-234-3/+200
| | | | | | | | Since it has no external dependencies, split up encrypted preauth into clpreauth and kdcpreauth chunks and link them directly into the consumers. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25227 dc483132-0cff-0310-8789-dd5450dbe970
* Improve mk_safe/mk_priv cleanup slightlyGreg Hudson2011-09-222-12/+16
| | | | | | | In both functions, initialize outbuf on error, and avoid putting pointers into it before we reach the successful return stage. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25225 dc483132-0cff-0310-8789-dd5450dbe970
* Add KRB5_CALLCONV to krb5_init_context_profile definition in init_ctx.c ↵Sam Hartman2011-09-191-1/+1
| | | | | | | | | Remove extraneous 'p' Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com> Signed-off-by: Sam Hartman <hartmans@debian.org> git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25203 dc483132-0cff-0310-8789-dd5450dbe970
* * Extend auth_packSam Hartman2011-09-191-0/+10
| | | | | | | | | | * extend dh_rep * add krb5_free_octet_data * extend pkinit free functions pkinit: add supportedKDFs and kdfID to structures git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25194 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a typo in r25026Greg Hudson2011-09-151-6/+6
| | | | | | | A stray "p" was added to krb5_init_context_profile() inside a _WIN32 block. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25180 dc483132-0cff-0310-8789-dd5450dbe970
* Newer GCCs optimizer catches a variable used without initializationEzra Peisach2011-09-062-463/+849
| | | | | | in the bison library code. Use a GCC pragma to suppress. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25163 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_cc_select() API and pluggable interfaceGreg Hudson2011-09-052-0/+4
| | | | | | | | | | | The interface has two built-in modules. The realm module guesses a cache based on the server realm if it is known. The k5identity module (Unix only) chooses a client principal based on rules in a .k5identity file in the user's homedir. ticket: 6957 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25158 dc483132-0cff-0310-8789-dd5450dbe970
* Add new cache collection APIsGreg Hudson2011-09-051-0/+6
| | | | | | | | | | | | | | | * krb5_cc_get_full_name retrieves the full type:name of a cache. * krb5_cc_switch makes a cache the primary cache. * krb5_cc_cache_match searches the collection for a client principal. * krb5_free_string releases a string (for the krb5_cc_get_full_name result). All of these are from Heimdal except for krb5_free_string (Heimdal uses krb5_xfree). ticket: 6954 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25155 dc483132-0cff-0310-8789-dd5450dbe970
* Silence various "may be used uninitialized" warnings from GCC causedKen Raeburn2011-09-052-2/+2
| | | | | | | | | by it not figuring out the control flow (initialization and use both tied to some other variable). DB2 code not included. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25146 dc483132-0cff-0310-8789-dd5450dbe970
* Reindent per krb5-batch-reindent.el.Ken Raeburn2011-09-0413-80/+79
| | | | | | | Some minor reformatting added in places to avoid exceeding 80 columns. Used Emacs 22.1 built-in C mode. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25144 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cross-realm traversal TGT requestsGreg Hudson2011-09-011-1/+1
| | | | | | | | | | | | When requesting a cross-realm TGT, use the KDC instance of the current TGT (the second data component), not the realm which the TGT came from. ticket: 6952 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25121 dc483132-0cff-0310-8789-dd5450dbe970
* Fix signed/unsigned warnings in testsEzra Peisach2011-08-241-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25113 dc483132-0cff-0310-8789-dd5450dbe970
* Use portable path functions when loading pluginsGreg Hudson2011-08-071-30/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25075 dc483132-0cff-0310-8789-dd5450dbe970
* Remove t_vfyincreds on make cleanEzra Peisach2011-07-261-2/+3
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25053 dc483132-0cff-0310-8789-dd5450dbe970
* Remove declaration of static function that no longer existsEzra Peisach2011-07-251-3/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25052 dc483132-0cff-0310-8789-dd5450dbe970
* PAC_CLIENT_INFO principal names do not contain a realm, so parse themGreg Hudson2011-07-251-1/+2
| | | | | | | | | | with the KRB5_PRINCIPAL_PARSE_NO_REALM flag. Otherwise we'll wind up using the default realm (and then ignoring it) which fails if one isn't configured. ticket: 6934 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25050 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up a number of variables set but not used warningsEzra Peisach2011-07-242-8/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25041 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_init_context_profile APIGreg Hudson2011-07-201-19/+20
| | | | | | ticket: 6929 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25026 dc483132-0cff-0310-8789-dd5450dbe970
* make dependEzra Peisach2011-07-011-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25007 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak introduced in r24969Greg Hudson2011-06-231-0/+1
| | | | | | | The new context field plugin_base_dir wasn't being freed on context deletion. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24985 dc483132-0cff-0310-8789-dd5450dbe970
* Convert preauth_plugin.h to new plugin frameworkGreg Hudson2011-06-176-240/+219
| | | | | | | | | | | | | | | | | | | | | | | | The preauth plugin interface was introduced in 1.6 but was never made a public API. In preparation for making it public in 1.10, convert it to use the new plugin framework. This will require changes to any existing preauth plugins. A number of symbols were renamed for namespace cleanliness, and abstract types were introduced for module data and module per-request data for better type safety. On the consumer end (preauth2.c and kdc_preauth.c), this is a pretty rough conversion. Eventually we should create proper consumer APIs with module handles, and the flat lists of preauth types should hold pointers to module handles rather than copies of the vtables. The built-in preauth type handlers should then be converted to built-in module providers linked into the consumer code (as should encrypted challenge, since it has no external dependencies). None of this will impact the provider API for preauth plugins, so it can wait. ticket: 6921 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24970 dc483132-0cff-0310-8789-dd5450dbe970
* Add k5_plugin_register_dyn internal APIGreg Hudson2011-06-173-27/+68
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24969 dc483132-0cff-0310-8789-dd5450dbe970
* Mark up strings for translationGreg Hudson2011-06-1011-56/+61
| | | | | | ticket: 6918 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24961 dc483132-0cff-0310-8789-dd5450dbe970
* Restore fallback non-referral TGS request to same realmGreg Hudson2011-06-031-12/+10
| | | | | | | | | | | | | | | MIT krb5 1.2 and earlier KDCs reject TGS requests if the canonicalize bit is set. Prior to 1.9, we used to handle this by making a non-referral fallback request on any error, but the rewrite in 1.9 mistakenly changed the behavior so that fallback requests are only made if the original request used the referral realm and the fallback realm is different from the default realm. Restore the old behavior. ticket: 6917 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24946 dc483132-0cff-0310-8789-dd5450dbe970
* Restore krb5_get_credentials caching for referral requestsGreg Hudson2011-05-261-0/+5
| | | | | | | | | | | | | | | The krb5_get_credentials() rewrite for IAKERB accidentally omitted the final step of restoring the requested realm in the output credentials. As a result, referral entries are not cached, and the caller sees the actual realm in (*out_creds)->server instead of the referral realm as before. Fix this in complete() by swapping ctx->req_server into ctx->reply_creds->server. ticket: 6916 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24945 dc483132-0cff-0310-8789-dd5450dbe970
* In mk_rd_cred if recv_subkey in the authentication context is NULL and the ↵Zhanna Tsitkov2011-05-161-23/+42
| | | | | | decryption with the session key fails, do not try to decrypt the message with the session key again. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24934 dc483132-0cff-0310-8789-dd5450dbe970
* Use hmac-md5 checksum for PA-FOR-USER padataGreg Hudson2011-05-141-8/+2
| | | | | | | | | | | | | | The MS-S4U documentation specifies that hmac-md5 be used for PA-FOR-USER checksums; we were using the mandatory checksum type for the key. Although some other checksum types appear to be allowed by Active Directory KDCs, Richard Silverman reports that md5-des is not one of them, causing S4U2Self requests to fail for DES keys. ticket: 6912 target_version: 1.9.2 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24929 dc483132-0cff-0310-8789-dd5450dbe970
* Updated documentation for PAC API. Moved PAC type definitions into krb5.hinZhanna Tsitkov2011-05-131-8/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24928 dc483132-0cff-0310-8789-dd5450dbe970
* fix regression in r24853: PAC no longer exposedLuke Howard2011-05-091-1/+1
| | | | | | | | Windows PAC is not AD-KDCIssued, rather it is signed with the long-term service session key (or user-to-user key). Advertise this correctly in the internal authorization data SPI. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24922 dc483132-0cff-0310-8789-dd5450dbe970
* Properly release resources in krb5_copy_authenticator()Zhanna Tsitkov2011-04-281-3/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24904 dc483132-0cff-0310-8789-dd5450dbe970
* Refactor krb5int_rd_chpw_rep() and make it properly handle both framedGreg Hudson2011-04-252-328/+156
| | | | | | | | | | and unframed KRB-ERROR messages. Eliminate krb5int_rd_setpw_rep() and krb5int_setpw_result_code_string() by making the chpw versions of those functions handle RFC 3244 replies. ticket: 6893 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24899 dc483132-0cff-0310-8789-dd5450dbe970
* Documentation updates. Mostly GIC relatedZhanna Tsitkov2011-04-121-9/+4
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24875 dc483132-0cff-0310-8789-dd5450dbe970
* Add k5_kt_get_principal, an internal krb5 interface to try to get aGreg Hudson2011-04-081-23/+2
| | | | | | | | principal name from a keytab. Used currently by vfy_increds.c (in place of its static helper); will also be used when querying the name of the default gss-krb5 acceptor cred. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24859 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-09-29 05:17:52 +0000