path: root/src/lib
Commit message | Author | Age | Files | Lines
...
* Add ASN.1 support for OTP | Greg Hudson | 2012-08-23 | 4 | -17/+190
  Add encoders and decoders for the OTP-TOKENINFO, PA-OTP-CHALLENGE, PA-OTP-REQUEST, and PA-OTP-ENC-REQUEST types from RFC 6560. For more thorough testing, add support for generating test encodings using asn1c for sample objects (currently only for the OTP types).
* Clean up k5buf_to_gss helper | Greg Hudson | 2012-08-23 | 2 | -5/+3
  k5buf_to_gss was used in only one place (generic_gss_oid_to_str), where we want to include the terminating null byte in the GSS buffer. Remove that assumption from the helper, and instead explicitly append the null byte to the buffer before translating.
* Fix apply_keysalt_policy bug | Greg Hudson | 2012-08-15 | 1 | -1/+1
  If apply_keysalt_policy is called with null result arguments (as from kadm5_setkey_principal_3), we would dereference a null pointer if the principal has no policy or no policy allowed_keysalts field, due to an incorrect optimization. Reported by Nico.
  ticket: 7223
* Remove obsolete function krb5_secure_config_files | Zhanna Tsitkov | 2012-08-14 | 3 | -27/+0
* Use gssalloc in krb5_gss_export_name | Greg Hudson | 2012-08-11 | 1 | -1/+1
  krb5_gss_export_name uses malloc to construct a gss_buffer_desc value, and should use gssalloc_malloc instead.
  ticket: 7233
* Stop misusing gss_release_buffer in libgssrpc | Greg Hudson | 2012-08-11 | 3 | -15/+11
  Use free() instead of gss_release_buffer() when freeing buffers in libgssrpc which weren't constructed by GSSAPI. This mixing is harmless in normal configurations (since libgssrpc is only used on Unix), but fails with DEBUG_GSSALLOC.
* Use gssalloc in more parts of GSSAPI | Greg Hudson | 2012-08-11 | 5 | -11/+13
  Fix some GSSAPI buffer allocations which were missed in 800358b1790ef82710af0b6021c6ff2dca2b0de7: gss_export_sec_context, gss_display_name, and IAKERB and SPNEGO token construction.
  ticket: 7233 (new)
  tags: pullup
* Add debug mode to gssapi_alloc.h | Greg Hudson | 2012-08-11 | 3 | -23/+79
  Because the gssalloc macros are normally equivalent to malloc and free on Unix, we cannot use the full test suite to find cases where we allocate with malloc and free with gssalloc_free or vice versa. Provide a way to test for this kind of bug (if only in a special build configuration) by supporting a DEBUG_GSSALLOC symbol, which causes the gssalloc wrappers to be deliberately incompatible with malloc and free.
* Remove gss_mechanism_ext | Simo Sorce | 2012-08-08 | 5 | -124/+26
  This function did not serve any useful purpose. Remove it and the special case it creates; move the only function it contained to the main gss_mechanism structure where it belongs. Note that the function name is preserved so that loadable modules are not affected by this change.
* Fix memory leak parsing name with default realm | Greg Hudson | 2012-08-07 | 1 | -0/+1
  After 74beb75bb07e3921d10c8eec05eacb1f393e5e44, allocate_princ() allocates a one-byte realm field even if the principal doesn't have one, so if we're replacing it with the default realm, we need to free that.
* Turn off replay cache in krb5_verify_init_creds() | Nalin Dahyabhai | 2012-08-06 | 1 | -0/+9
  The library isn't attempting a replay attack on itself, so any detected replays are only going to be false-positives.
  ticket: 7229 (new)
* Pass the actual mech oid in creds functions | Simo Sorce | 2012-08-06 | 2 | -11/+34
  This way the mechanism handler knows what mech type is intended. This allows plugins that implement multiple mechanisms or interposer plugins to know what they are being asked to do.
* Always consider desired_mechs empty in spnego (2) | Simo Sorce | 2012-08-06 | 1 | -9/+7
  Follow previous change to add_cred_from. The only case where the spnego gss_*_cred_* functions can be called with specific OIDs is if the mechglue calls spnego with the spnego oid, which we never want to loop on anyway. So always consider it as null, it's the correct behavior with current semantics.
* Reuse code to free gss_mech_info structure | Simo Sorce | 2012-08-05 | 1 | -21/+4
* Always consider desired_mechs empty in spnego | Simo Sorce | 2012-08-03 | 1 | -18/+4
  The only case where the spnego gss_acquire_cred function can be called with specific OIDs is if the mechglue calls spnego with the spnego oid, which we never want to loop on anyway. So always consider it as null, it's the correct behavior with current semantics.
* Make gss_ctx_id_t truly opaque | Simo Sorce | 2012-08-03 | 5 | -6/+6
  This allows us to still use it for type safety in the APIs while at the same time prevent code from trying to dereference internal_ctx_id by mistake.
* Fix oid set construction in gss_inquire_cred() | Kevin Wasserman | 2012-08-02 | 1 | -22/+10
  Use gssapi calls to construct the oid sets. It is not safe on windows to use malloc to hand-construct the set and then call gss_release_oid_set() to clean it up.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7227 (new)
  tags: pullup
* Explain memory allocation policy in oid_ops.c | Greg Hudson | 2012-08-01 | 1 | -0/+7
* Add %{username} token to path expansion | Greg Hudson | 2012-08-01 | 2 | -2/+26
  For Unix-like platforms, add %{username} to the path expansion facility, expanding to the result of getpwuid on the euid. Also, for manual testing convenience, make t_expand_path print the result if no second argument is given.
* Fix KDC heap corruption vuln [CVE-2012-1015] | Tom Yu | 2012-08-01 | 1 | -0/+3
  Fix KDC heap corruption vulnerability [MITKRB5-SA-2012-001 CVE-2012-1015]. The cleanup code in kdc_handle_protected_negotiation() in kdc_util.c could free an uninitialized pointer in some error conditions involving "similar" enctypes and a failure in krb5_c_make_checksum(). Additionally, adjust the handling of "similar" enctypes to avoid advertising enctypes that could lead to inadvertent triggering of this vulnerability (possibly in unpatched KDCs). Note that CVE-2012-1014 (also described in MITKRB5-SA-2012-001) only applies to the krb5-1.10 branch and doesn't affect the master branch or releases prior to krb5-1.10.
  ticket: 7225 (new)
  target_version: 1.9.5
  tags: pullup
* Constify krb5_string_to_keysalts()'s string arg | Nicolas Williams | 2012-07-30 | 3 | -12/+14
* Policy extensions + new policy: allowed ks types | Nicolas Williams | 2012-07-30 | 18 | -83/+504
  This simply adds KADM5_API_VERSION_4 and various fields to the policy structures:
  - attributes (policy-ish principal attributes)
  - max_life (max ticket life)
  - max_renewable_life (max ticket renewable life)
  - allowed_keysalts (allowed key/salt types)
  - TL data (future policy extensions)
  Of these only allowed_keysalts is currently implemented. Some refactoring of TL data handling is also done.
  ticket: 7223 (new)
* Minor fixes to expand_path.c | Greg Hudson | 2012-07-25 | 1 | -35/+24
  Corrections to stuff noticed by kaduk:
  * Eliminate a space before paren in a call to free().
  * Use %lu for unsigned long in format strings.
  * Simplify the tokens table definition.
* Support changing the built-in ccache/keytab names | Greg Hudson | 2012-07-24 | 4 | -12/+4
  * Add DEFCCNAME, DEFKTNAME, and DEFCKTNAME configure variables to change the built-in ccache and keytab names.
  * Add krb5-config options to display the built-in ccache and keytab names.
  * In the default build, use krb5-config to discover the system's built-in ccache and keytab names and use them (if not overridden). This can be controlled with the --with-krb5-config=PATH or --without-krb5-config configure options.
  * Make the built-in ccache name subject to parameter expansion.
  ticket: 7221 (new)
* Add default_ccache_name profile variable | Greg Hudson | 2012-07-24 | 1 | -1/+10
  Like default_keytab_name and default_client_keytab_name, default_ccache_name is subject to parameter expansion.
  ticket: 7220 (new)
* Rearrange ccdefname.c slightly | Greg Hudson | 2012-07-24 | 1 | -91/+53
  Eliminate the USE_CCAPI variant of get_from_os() which was only used in KfM. Make get_from_os() allocate its result (wrapping the Windows implementation so it can continue to use a fixed-size buffer). Simplify krb5_cc_set_default_name() and krb5_cc_default_name(). Make some minor style adjustments.
* Add token expansion for keytab names | Greg Hudson | 2012-07-24 | 1 | -56/+44
  Make the default_keytab_name and default_client_keytab_name variables subject to parameter expansion.
  ticket: 7219 (new)
* Add internal path expansion functions | Greg Hudson | 2012-07-24 | 5 | -4/+577
  Add an adapted version of Heimdal's expand_path.c, defining k5_expand_path_tokens() and k5_expand_path_tokens_extra(). These functions allow template paths like %{TEMP}/krb5cc_%{uid} to be resolved. Also add a test program to exercise the path expansion code.
* Implement credential store support in spnego | Simo Sorce | 2012-07-20 | 2 | -15/+55
* Implement credential store support for krb5 mech | Simo Sorce | 2012-07-20 | 6 | -27/+263
* Introduce credential store extensions | Simo Sorce | 2012-07-20 | 5 | -32/+269
  Add new APIs gss_acquire_cred_from, gss_add_cred_from, and gss_store_cred_into, which take additional arguments to specify the location of the credential storage using a key-value map, where keys are interpreted by the mechanisms.
  ticket: 7217 (new)
* Use internal release function in oid_ops.c | Simo Sorce | 2012-07-18 | 1 | -1/+1
  In the end the internal one is called in all cases, but it seems cleaner to use the internal one instead of relying on the redirection.
* In g_oid_ops.c, remove an unneeded declaration | Simo Sorce | 2012-07-18 | 1 | -3/+0
  The code that used it is no longer in this file.
* krb5_stdccv3_get_principal error handling fixup | Kevin Wasserman | 2012-07-16 | 1 | -1/+3
  Don't treat an error returned by krb5_parse_name as a cc-internal error.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7214 (new)
  tags: pullup
* fix leak in cc_mslsa.c | Kevin Wasserman | 2012-07-16 | 1 | -0/+2
  cc_name needs to be freed in krb5_lcc_close().
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7213
* Fix macro redefinition warnings in cc_mslsa.c | Kevin Wasserman | 2012-07-16 | 1 | -1/+2
  Include ntstatus.h and define WIN32_NO_STATUS before including winnt.h
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7213
* Implement cccol iterators for mslsa | Kevin Wasserman | 2012-07-16 | 1 | -7/+61
  Also implement switch_to stub
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7213 (new)
  tags: pullup
* MSLSA Don't use lstrcpy on ANSI strings | Kevin Wasserman | 2012-07-16 | 1 | -11/+3
  Also change parameter types to eliminate casts.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7212 (new)
  tags: pullup
* define USE_HEAPALLOC in gssapi_alloc.h | Kevin Wasserman | 2012-07-16 | 1 | -4/+7
  Easier to disable for testing.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7211 (new)
* Build lib/krb5/ccache/ccapi on Windows only | Kevin Wasserman | 2012-07-16 | 1 | -0/+1
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7209
* Define USE_CCAPI_V3 in krb5/ccache on windows | Kevin Wasserman | 2012-07-16 | 2 | -1/+1
  USE_CCAPI_V3 provides cccol iteration support for ccapi.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7209 (new)
  tags: pullup
* __func__ -> __FUNCTION__ in disp_status.c | Kevin Wasserman | 2012-07-16 | 1 | -4/+4
  For MSVC compatibility
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7208 (new)
  tags: pullup
* Don't use syslog / LOG_DEBUG when they don't exist | Kevin Wasserman | 2012-07-16 | 1 | -1/+1
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7207 (new)
  tags: pullup
* Rename 'free' -> 'free_func' in asn1_encode.c/.h | Kevin Wasserman | 2012-07-16 | 2 | -3/+3
  MSVC memory tracking tools do '#define free(p) _dbg_free(...)'.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7205 (new)
  tags: pullup
* kfw add preauth_sam2 to OBJS for windows build | Kevin Wasserman | 2012-07-16 | 1 | -0/+1
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7203 (new)
  tags: pullup
* Fix error handling in allocate_princ() | Greg Hudson | 2012-07-13 | 1 | -2/+4
  The most recent change could leak memory when trying to parse an invalid principal because of a failure to use the cleanup handler.
* Replace // comment in ccdefname.c | Greg Hudson | 2012-07-13 | 1 | -1/+1
* Add krb5int_cc_user_set_default_name | Kevin Wasserman | 2012-07-11 | 2 | -4/+55
  Set the default credential cache name for all processes for the current user. Currently implemented, for windows only, by setting HKEY_CURRENT_USER\Software\MIT\Kerberos5:ccname to the specified ccache name. This will not override the environment variable 'KRB5CCNAME'. It will override HKEY_LOCAL_MACHINE and 'indirect' registry values.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7199 (new)
  tags: pullup
* Implement switch_to for ccapiv3 | Kevin Wasserman | 2012-07-11 | 2 | -0/+27
  krb5_stdccv3_switch_to() calls cc_ccache_set_default(). krb5_stdccv3_resolve() checks for NULL or empty residual and calls cc_context_get_default_ccache_name() in those cases.
  Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
  ticket: 7198 (new)
  tags: pullup
* Automatically create DIR ccache directories | Greg Hudson | 2012-07-11 | 2 | -2/+3
  If the directory for a DIR ccache doesn't exist yet, try to create it (but not its parents) with mode 700. Exercise this in test scripts by not pre-creating directories.
  ticket: 7196 (new)