| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
a new function k5_privsafe_check_addrs.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24806 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
renamed to k5_privsafe_check_seqnum. Declare it in int-proto.h rather
than k5-int.h.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24805 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24793 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
Failure to do this breaks other attribute providers' set_attribute()
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24775 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24754 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
just remove the old configuration.
Moved short krb5_cc_set_config usage example from krb5.hin into the separate file.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24753 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24751 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
In krb5_verify_init_creds(), use the first principal in the keytab
to verify the credentials instead of the result of
krb5_sname_to_principal(). Also add tests.
ticket: 6887
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24749 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
usage examples.
Affected functions: krb5_cc_get_config, krb5_cc_set_config, krb5_is_config_principal
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24728 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24703 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24697 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
and license comments.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
make depend as a test program was missed from the source list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24687 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
code.
ticket: 6868
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24651 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
Free context. Allows one to look for new leaks introduced in other
pathways.
ticket: 6872
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24650 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Experience has shown that it was a mistake to fail AP-REQ verification
based on failure to verify the signature of PAC authdata contained in
the ticket. We've had two rounds of interoperability issues with the
hmac-md5 checksum code, an interoperability issue OSX generating
unsigned PACs, and another problem where PACs are copied by older KDCs
from a cross-realm TGT into the service ticket. If a PAC signature
cannot be verified, just don't mark it as verified and continue on
with the AP exchange.
ticket: 6870
target_version: 1.9.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24640 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24636 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Restructure the locate_kdc and sendto_kdc code to defer getaddrinfo
calls until we need the answer. This requires many changes:
* struct addrlist is now called struct serverlist, and is declared in
os-proto.h instead of k5-int.h. It contains an array of struct
server_entry structures which can hold either a name or an address.
(Address entries are used for locate_kdc module results.)
* The connection state list is now a linked list, and holds address
information directly instead of using a struct addrinfo (this
simplifies memory management). Each connection entry contains a
callback buffer (previously stored in a separate array) and an index
into the server list.
* The {addrstate} trace formatting primitive is no longer needed, and
has been replaced by {connstate}. There is also a new tracing event
for resolving hostnames.
* locate_server, locate_kdc, free_serverlist, and sendto get their
prefixes changed from krb5int_ to k5_ as their prototypes were being
adjusted anyway. The family argument is gone from the locate
functions as it was never productively used. k5_sendto now receives
the socket types of interest.
* krb5_sendto_kdc will now pass a 0 socktype to k5_locate_kdc if both
socket types are wanted. There were some allowances for this in
locate but this was never previously done. In order to be
conservative when invoking locate modules, we always pass an
explicit socktype, thus calling lookup twice (as we did before,
albeit with a separate init/fini cycle) in the common case. When
creating hostname entries in serverlist from profile configuration,
we preserve the 0 value of socktype, and later create both TCP and
UDP addresses from the getaddrinfo results when the host is
resolved.
* Some accessor functions previously used by libkrb4 have been removed
as they impinged upon this work.
ticket: 6868
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24635 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
File descriptors created for trace logging were never being closed.
With short-lived contexts this leak would eventually overflow the
process's file table. Correct this oversight by closing the file
descriptor in file_trace_cb before freeing its container.
ticket: 6867
target_version: 1.9.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24634 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
r24616.
ticket: 6855
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24633 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
didn't have them. From aberry@likewise.com.
ticket: 6857
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24620 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
The call to TRACE_TKT_CREDS_FALLBACK in get_creds.c was supplying the
wrong argument, causing a crash.
ticket: 6856
target_version: 1.9.1
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24618 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Be more flexible about the principal names we will accept for a given
GSS acceptor name. Also add support for a new libdefaults profile
variable ignore_acceptor_hostname, which causes the hostnames of
host-based service principals to be ignored when passed by server
applications as acceptor names.
Note that we still always invoke krb5_sname_to_principal() when
importing a gss-krb5 mechanism name, even though we won't always use
the result. This is an unfortunate waste of getaddrinfo/getnameinfo
queries in some situations, but the code surgery necessary to defer
it appears too risky at this time.
The project proposal for this change is at:
http://k5wiki.kerberos.org/wiki/Projects/Acceptor_Names
ticket: 6855
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24616 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
list.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24602 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
confusion with API
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24599 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
after the copyright comments.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24598 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
* Return EINVAL and ENOMEM correctly.
* Accept an empty realm instead of returning EINVAL.
* Wrap a long line.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24595 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
criteria:
1. based on functionality (for example, kdc-only code)
2. Well defined clusters of functions (fast, sam).
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24593 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
to create a theoretical (but impossible in practice) memory leak.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24581 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Apply patch from Marcus Watts to avoid a memory leak in changepw.c.
ticket: 6841
tags: pullup
target_version: 1.9
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24567 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
| |
options were not folded into the renewal request (most notably, the
KDC_OPT_RENEWABLE flag), so we didn't request renewable renewed
tickets. Add a simple test case for ticket renewal.
ticket: 6838
tags: pullups
target_version: 1.9
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24566 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Apply patch from Marcus Watts to fix error message typo.
ticket: 6840
tags: pullup
target_version: 1.9
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24565 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
target_version 1.9
tags: pullup
Apple Mac OS X Server's Open Directory KDC issues MS PAC like
authorization data that lacks a server checksum. If this checksum is
missing, mark the PAC as unverfied, but allow
krb5int_authdata_verify() to succeed. Filter out the unverified PAC
in subsequent calls to krb5_authdata_get_attribute(). Add trace
points to indicate where this behavior occurs.
Thanks to Helmut Grohne for help with analysis. This bug is also
Debian Bug #604925:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=604925
This change should also get backported to krb5-1.8.x.
ticket: 6839
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24564 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix multiple checksum handling bugs, as described in:
CVE-2010-1324
CVE-2010-1323
CVE-2010-4020
CVE-2010-4021
* Return the correct (keyed) checksums as the mandatory checksum type
for DES enctypes.
* Restrict simplified-profile checksums to their corresponding etypes.
* Add internal checks to reduce the risk of stream ciphers being used
with simplified-profile key derivation or other algorithms relying
on the block encryption primitive.
* Use the mandatory checksum type for the PKINIT KDC signature,
instead of the first-listed keyed checksum.
* Use the mandatory checksum type when sending KRB-SAFE messages by
default, instead of the first-listed keyed checksum.
* Use the mandatory checksum type for the t_kperf test program.
* Use the mandatory checksum type (without additional logic) for the
FAST request checksum.
* Preserve the existing checksum choices (unkeyed checksums for DES
enctypes) for the authenticator checksum, using explicit logic.
* Ensure that SAM checksums received from the KDC are keyed.
* Ensure that PAC checksums are keyed.
ticket: 6827
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24538 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
verbiage in Makefile.in files. For correctness of output, every
Makefile.in mydir= definition is changed to use $(S) instead of /.
ticket: 6826
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Repair the Windows build. Tested with the prepare-on-Unix method.
Some specific changes include:
* Removed the IPC finalizer (no longer used after r20787) from
ccapi/lib/ccapi_ipc.c, as it was creating a difficult dependency
chain for the pingtest build in ccapi/test. Also updated pingtest
to use the k5_ipc_stream interfaces since cci_stream is gone.
* Reverted the apparently non-functional r20277.
* klist -V prints just "Kerberos for Windows", since it has no access
to PACKAGE_NAME and PACKAGE_VERSION from autoconf. This should be
addressed correctly.
* krb5, telnet, gssftp, and NIM are removed from the build.
* Some files had CRLFs; these were replaced with LFs and the
svn:eol-style property set on the files. Otherwise the CRLFs became
CRCRLFs after the zip transfer.
* Windows does not have opendir/readdir, so added Windows code to
prof_parse.c for includedir. Probable fodder for a libkrb5support
portability shim.
ticket: 6826
target_version: 1.9
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24533 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
| |
krb5_expire_callback_func from a function typedef to a function
pointer typedef. This was causing segfaults.
ticket: 6825
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24532 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
krb5_tkt_creds_get was overlooked in the export list; add it.
ticket: 6824
target_version: 1.9
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24528 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the Camellia-CCM enctypes with Camellia-CTS-CMAC. Still not
compiled in by default since we don't have enctype assignments yet.
ticket: 6822
target_verion: 1.9
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24524 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
error code 0. Simplify some overly paranoid code accordingly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24489 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
| |
into the ccache.
ticket: 6812
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24488 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
as an apparently unintended side effect of r20594. Clean up the code
by combining the identical resolve functions for FILE and WRFILE, and
removing the code to set up a WRFILE default keytab name in kadmin.c.
Also fixes a slight display bug; k5test.py needs to be adjusted to
expect the correct output.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24487 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24479 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
| |
Make the brand array non-static, and actually use the value in (the
infrequently-called) krb5_init_secure_context.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24471 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24454 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In Debian Bug 598032, Bastian Blank points out that there are two
leaks in the get_init_creds interface:
* Free ctx->request->padata after sending the KDC request so it is not
overwritten the next time around the loop.
* If options is NULL passed into krb5_get_init_creds_init, then set up
a non-extended options structure so that krb5_get_init_creds_free will
free the options.
ticket: 6801
target_version: 1.9
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24452 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
| |
extended error message indicating which principal was not found.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24448 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
| |
Instead of performing a tree search to fill in the refcnt field of a
policy object whenever a policy is fetched, set the refcnt to 0 and
perform a check when policies are deleted.
ticket: 6799
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24440 dc483132-0cff-0310-8789-dd5450dbe970
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set NT-SRV-INST on TGS principal names in
get_in_tkt.c:build_in_tkt_name because Windows Server 2008 R2 RODC
insists on it.
Thanks to Bill Fellows for reporting this problem.
ticket: 6798
tags: pullup
target_version: 1.8.4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24438 dc483132-0cff-0310-8789-dd5450dbe970
|