summaryrefslogtreecommitdiffstats
path: root/src/lib/krb5
Commit message (Collapse)AuthorAgeFilesLines
* Factor out the address checks in krb5_rd_safe and krb5_rd_priv intoGreg Hudson2011-04-024-171/+105
| | | | | | a new function k5_privsafe_check_addrs. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24806 dc483132-0cff-0310-8789-dd5450dbe970
* In libkrb5, move krb5int_auth_con_chkseqnum to a new file privsafe.c,Greg Hudson2011-04-026-170/+203
| | | | | | | renamed to k5_privsafe_check_seqnum. Declare it in int-proto.h rather than k5-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24805 dc483132-0cff-0310-8789-dd5450dbe970
* When doing S4U2Self for the anon principal, use the server realmLuke Howard2011-04-021-4/+12
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24793 dc483132-0cff-0310-8789-dd5450dbe970
* s4u2proxy_set_attribute should only return EPERM for its own attributeLuke Howard2011-04-011-8/+2
| | | | | | Failure to do this breaks other attribute providers' set_attribute() git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24775 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_cc_move if something went wrong, free the dst credential cacheZhanna Tsitkov2011-03-291-2/+8
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24754 dc483132-0cff-0310-8789-dd5450dbe970
* If the new configuration data that is passed to krb5_cc_set_config is NULL, ↵Zhanna Tsitkov2011-03-291-45/+51
| | | | | | | | just remove the old configuration. Moved short krb5_cc_set_config usage example from krb5.hin into the separate file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24753 dc483132-0cff-0310-8789-dd5450dbe970
* Static function names should not have krb5_ prefixZhanna Tsitkov2011-03-291-12/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24751 dc483132-0cff-0310-8789-dd5450dbe970
* Use first principal in keytab when verifying credsGreg Hudson2011-03-284-25/+171
| | | | | | | | | | In krb5_verify_init_creds(), use the first principal in the keytab to verify the credentials instead of the result of krb5_sname_to_principal(). Also add tests. ticket: 6887 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24749 dc483132-0cff-0310-8789-dd5450dbe970
* Move doxygen comments from source to header. Updated comments and added some ↵Zhanna Tsitkov2011-03-181-42/+2
| | | | | | | | usage examples. Affected functions: krb5_cc_get_config, krb5_cc_set_config, krb5_is_config_principal git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24728 dc483132-0cff-0310-8789-dd5450dbe970
* Resolve a few miscellaneous warningsGreg Hudson2011-03-148-20/+17
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24703 dc483132-0cff-0310-8789-dd5450dbe970
* Remove ser_eblk.c, which has been unused since r11001 (October 1998)Greg Hudson2011-03-091-255/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24697 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-09226-1047/+532
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* On make clean remove test programs and object files. In lib/krb5/krbEzra Peisach2011-03-062-1/+14
| | | | | | make depend as a test program was missed from the source list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24687 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-257-668/+575
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* Remember to free the result of getaddrinfo() in the new sendto_kdcGreg Hudson2011-02-231-0/+1
| | | | | | | | code. ticket: 6868 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24651 dc483132-0cff-0310-8789-dd5450dbe970
* Fix memory leak in t_expire_warnEzra Peisach2011-02-231-0/+1
| | | | | | | | | Free context. Allows one to look for new leaks introduced in other pathways. ticket: 6872 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24650 dc483132-0cff-0310-8789-dd5450dbe970
* Don't reject AP-REQs based on PACsGreg Hudson2011-02-161-35/+11
| | | | | | | | | | | | | | | | | Experience has shown that it was a mistake to fail AP-REQ verification based on failure to verify the signature of PAC authdata contained in the ticket. We've had two rounds of interoperability issues with the hmac-md5 checksum code, an interoperability issue OSX generating unsigned PACs, and another problem where PACs are copied by older KDCs from a cross-realm TGT into the service ticket. If a PAC signature cannot be verified, just don't mark it as verified and continue on with the AP exchange. ticket: 6870 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24640 dc483132-0cff-0310-8789-dd5450dbe970
* Untabify trace.c (tabs crept in when the file was created)Greg Hudson2011-02-131-14/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24636 dc483132-0cff-0310-8789-dd5450dbe970
* Defer hostname lookups in krb5_sendto_kdcGreg Hudson2011-02-1310-767/+588
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Restructure the locate_kdc and sendto_kdc code to defer getaddrinfo calls until we need the answer. This requires many changes: * struct addrlist is now called struct serverlist, and is declared in os-proto.h instead of k5-int.h. It contains an array of struct server_entry structures which can hold either a name or an address. (Address entries are used for locate_kdc module results.) * The connection state list is now a linked list, and holds address information directly instead of using a struct addrinfo (this simplifies memory management). Each connection entry contains a callback buffer (previously stored in a separate array) and an index into the server list. * The {addrstate} trace formatting primitive is no longer needed, and has been replaced by {connstate}. There is also a new tracing event for resolving hostnames. * locate_server, locate_kdc, free_serverlist, and sendto get their prefixes changed from krb5int_ to k5_ as their prototypes were being adjusted anyway. The family argument is gone from the locate functions as it was never productively used. k5_sendto now receives the socket types of interest. * krb5_sendto_kdc will now pass a 0 socktype to k5_locate_kdc if both socket types are wanted. There were some allowances for this in locate but this was never previously done. In order to be conservative when invoking locate modules, we always pass an explicit socktype, thus calling lookup twice (as we did before, albeit with a separate init/fini cycle) in the common case. When creating hostname entries in serverlist from profile configuration, we preserve the 0 value of socktype, and later create both TCP and UDP addresses from the getaddrinfo results when the host is resolved. * Some accessor functions previously used by libkrb4 have been removed as they impinged upon this work. ticket: 6868 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24635 dc483132-0cff-0310-8789-dd5450dbe970
* Trace logging file descriptor leakGreg Hudson2011-02-131-0/+1
| | | | | | | | | | | | | File descriptors created for trace logging were never being closed. With short-lived contexts this leak would eventually overflow the process's file table. Correct this oversight by closing the file descriptor in file_trace_cb before freeing its container. ticket: 6867 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24634 dc483132-0cff-0310-8789-dd5450dbe970
* Reposition a trace call which was dereferencing freed memory afterGreg Hudson2011-02-131-1/+2
| | | | | | | | r24616. ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24633 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing KRB5_USE_INET6 ifdefs around some bits of IPv6 code whichGreg Hudson2011-02-091-0/+2
| | | | | | | | didn't have them. From aberry@likewise.com. ticket: 6857 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24620 dc483132-0cff-0310-8789-dd5450dbe970
* Fix seg faulting trace log message for use of fallback realmGreg Hudson2011-02-081-1/+1
| | | | | | | | | | | The call to TRACE_TKT_CREDS_FALLBACK in get_creds.c was supplying the wrong argument, causing a crash. ticket: 6856 target_version: 1.9.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24618 dc483132-0cff-0310-8789-dd5450dbe970
* Improve acceptor name flexibilityGreg Hudson2011-02-075-92/+178
| | | | | | | | | | | | | | | | | | | | | | Be more flexible about the principal names we will accept for a given GSS acceptor name. Also add support for a new libdefaults profile variable ignore_acceptor_hostname, which causes the hostnames of host-based service principals to be ignored when passed by server applications as acceptor names. Note that we still always invoke krb5_sname_to_principal() when importing a gss-krb5 mechanism name, even though we won't always use the result. This is an unfortunate waste of getaddrinfo/getnameinfo queries in some situations, but the code surgery necessary to defer it appears too risky at this time. The project proposal for this change is at: http://k5wiki.kerberos.org/wiki/Projects/Acceptor_Names ticket: 6855 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24616 dc483132-0cff-0310-8789-dd5450dbe970
* Add a trace log event for unrecognized enctypes in a profile enctypeGreg Hudson2011-01-212-6/+9
| | | | | | list. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24602 dc483132-0cff-0310-8789-dd5450dbe970
* Renamed static function krb5_rd_safe_basic into rd_safe_basic to avoid ↵Zhanna Tsitkov2011-01-181-5/+5
| | | | | | confusion with API git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24599 dc483132-0cff-0310-8789-dd5450dbe970
* In t_expire_warn.py, put the hashbang line at the top, instead ofGreg Hudson2011-01-181-1/+2
| | | | | | after the copyright comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24598 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_set_realm():Greg Hudson2011-01-121-4/+5
| | | | | | | | * Return EINVAL and ENOMEM correctly. * Accept an empty realm instead of returning EINVAL. * Wrap a long line. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24595 dc483132-0cff-0310-8789-dd5450dbe970
* Asn.1 decode related file rearrangement. It was made based on the following ↵Zhanna Tsitkov2011-01-1110-1292/+1560
| | | | | | | | | | criteria: 1. based on functionality (for example, kdc-only code) 2. Well defined clusters of functions (fast, sam). git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24593 dc483132-0cff-0310-8789-dd5450dbe970
* Remove an unnecessary clause from safe_cksumtype() which served onlyGreg Hudson2010-12-161-1/+1
| | | | | | to create a theoretical (but impossible in practice) memory leak. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24581 dc483132-0cff-0310-8789-dd5450dbe970
* memory leak in changepw.cTom Yu2010-12-141-0/+1
| | | | | | | | | | Apply patch from Marcus Watts to avoid a memory leak in changepw.c. ticket: 6841 tags: pullup target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24567 dc483132-0cff-0310-8789-dd5450dbe970
* Fix a regression in the client-side ticket renewal code where KDCGreg Hudson2010-12-141-1/+4
| | | | | | | | | | | | options were not folded into the renewal request (most notably, the KDC_OPT_RENEWABLE flag), so we didn't request renewable renewed tickets. Add a simple test case for ticket renewal. ticket: 6838 tags: pullups target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24566 dc483132-0cff-0310-8789-dd5450dbe970
* typo in plugin-related error messageTom Yu2010-12-141-1/+1
| | | | | | | | | | Apply patch from Marcus Watts to fix error message typo. ticket: 6840 tags: pullup target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24565 dc483132-0cff-0310-8789-dd5450dbe970
* handle MS PACs that lack server checksumTom Yu2010-12-101-1/+26
| | | | | | | | | | | | | | | | | | | | | | target_version 1.9 tags: pullup Apple Mac OS X Server's Open Directory KDC issues MS PAC like authorization data that lacks a server checksum. If this checksum is missing, mark the PAC as unverfied, but allow krb5int_authdata_verify() to succeed. Filter out the unverified PAC in subsequent calls to krb5_authdata_get_attribute(). Add trace points to indicate where this behavior occurs. Thanks to Helmut Grohne for help with analysis. This bug is also Debian Bug #604925: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604925 This change should also get backported to krb5-1.8.x. ticket: 6839 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24564 dc483132-0cff-0310-8789-dd5450dbe970
* SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others)Greg Hudson2010-11-305-46/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix multiple checksum handling bugs, as described in: CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021 * Return the correct (keyed) checksums as the mandatory checksum type for DES enctypes. * Restrict simplified-profile checksums to their corresponding etypes. * Add internal checks to reduce the risk of stream ciphers being used with simplified-profile key derivation or other algorithms relying on the block encryption primitive. * Use the mandatory checksum type for the PKINIT KDC signature, instead of the first-listed keyed checksum. * Use the mandatory checksum type when sending KRB-SAFE messages by default, instead of the first-listed keyed checksum. * Use the mandatory checksum type for the t_kperf test program. * Use the mandatory checksum type (without additional logic) for the FAST request checksum. * Preserve the existing checksum choices (unkeyed checksums for DES enctypes) for the authenticator checksum, using explicit logic. * Ensure that SAM checksums received from the KDC are keyed. * Ensure that PAC checksums are keyed. ticket: 6827 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24538 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-2810-71/+11
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* Fix Windows buildGreg Hudson2010-11-257-14/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Repair the Windows build. Tested with the prepare-on-Unix method. Some specific changes include: * Removed the IPC finalizer (no longer used after r20787) from ccapi/lib/ccapi_ipc.c, as it was creating a difficult dependency chain for the pingtest build in ccapi/test. Also updated pingtest to use the k5_ipc_stream interfaces since cci_stream is gone. * Reverted the apparently non-functional r20277. * klist -V prints just "Kerberos for Windows", since it has no access to PACKAGE_NAME and PACKAGE_VERSION from autoconf. This should be addressed correctly. * krb5, telnet, gssftp, and NIM are removed from the build. * Some files had CRLFs; these were replaced with LFs and the svn:eol-style property set on the files. Otherwise the CRLFs became CRCRLFs after the zip transfer. * Windows does not have opendir/readdir, so added Windows code to prof_parse.c for includedir. Probable fodder for a libkrb5support portability shim. ticket: 6826 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24533 dc483132-0cff-0310-8789-dd5450dbe970
* Update krb5_gic_opt_private and related code to reflect the change ofTom Yu2010-11-231-1/+1
| | | | | | | | | krb5_expire_callback_func from a function typedef to a function pointer typedef. This was causing segfaults. ticket: 6825 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24532 dc483132-0cff-0310-8789-dd5450dbe970
* Export krb5_tkt_creds_getGreg Hudson2010-11-231-0/+1
| | | | | | | | | | krb5_tkt_creds_get was overlooked in the export list; add it. ticket: 6824 target_version: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24528 dc483132-0cff-0310-8789-dd5450dbe970
* Implement Camellia-CTS-CMAC instead of Camellia-CCMGreg Hudson2010-11-202-7/+7
| | | | | | | | | | | Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC. Still not compiled in by default since we don't have enctype assignments yet. ticket: 6822 target_verion: 1.9 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970
* krb5_get_error_message cannot return NULL, and returns "Success" onGreg Hudson2010-11-012-7/+4
| | | | | | error code 0. Simplify some overly paranoid code accordingly. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24489 dc483132-0cff-0310-8789-dd5450dbe970
* Don't fail out from krb5_get_credentials() if we can't store a ticketGreg Hudson2010-10-271-10/+4
| | | | | | | | into the ccache. ticket: 6812 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24488 dc483132-0cff-0310-8789-dd5450dbe970
* FILE keytabs have been able to handle write operations since krb5 1.7,Greg Hudson2010-10-261-31/+12
| | | | | | | | | | as an apparently unintended side effect of r20594. Clean up the code by combining the identical resolve functions for FILE and WRFILE, and removing the code to set up a WRFILE default keytab name in kadmin.c. Also fixes a slight display bug; k5test.py needs to be adjusted to expect the correct output. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24487 dc483132-0cff-0310-8789-dd5450dbe970
* WhitespaceGreg Hudson2010-10-241-1/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24479 dc483132-0cff-0310-8789-dd5450dbe970
* Try harder to retain the "brand" string in the shared libraryKen Raeburn2010-10-232-5/+14
| | | | | | | Make the brand array non-static, and actually use the value in (the infrequently-called) krb5_init_secure_context. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24471 dc483132-0cff-0310-8789-dd5450dbe970
* WhitespaceGreg Hudson2010-10-131-5/+7
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24454 dc483132-0cff-0310-8789-dd5450dbe970
* Fix leaks in get_init_creds interfaceSam Hartman2010-10-131-3/+9
| | | | | | | | | | | | | | | | | In Debian Bug 598032, Bastian Blank points out that there are two leaks in the get_init_creds interface: * Free ctx->request->padata after sending the KDC request so it is not overwritten the next time around the loop. * If options is NULL passed into krb5_get_init_creds_init, then set up a non-extended options structure so that krb5_get_init_creds_free will free the options. ticket: 6801 target_version: 1.9 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24452 dc483132-0cff-0310-8789-dd5450dbe970
* When returning KRB5_KT_NOTFOUND from krb5_ktfile_get_entry, set anGreg Hudson2010-10-111-1/+8
| | | | | | extended error message indicating which principal was not found. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24448 dc483132-0cff-0310-8789-dd5450dbe970
* Performance issue in LDAP policy fetchGreg Hudson2010-10-071-0/+1
| | | | | | | | | | Instead of performing a tree search to fill in the refcnt field of a policy object whenever a policy is fetched, set the refcnt to 0 and perform a check when policies are deleted. ticket: 6799 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24440 dc483132-0cff-0310-8789-dd5450dbe970
* set NT-SRV-INST on TGS principal namesTom Yu2010-10-061-1/+12
| | | | | | | | | | | | | | Set NT-SRV-INST on TGS principal names in get_in_tkt.c:build_in_tkt_name because Windows Server 2008 R2 RODC insists on it. Thanks to Bill Fellows for reporting this problem. ticket: 6798 tags: pullup target_version: 1.8.4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24438 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2024-10-06 16:20:51 +0000