| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
| |
r24403 removed the old SAM support, but left behind the structures,
free functions, and ASN.1 encoders/decoders. Remove those now.
(SAM-2 support is still present.)
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25618 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
Use data-driven encoders for all of the remaining types which still
used macros (primarily PKINIT types), and get rid of the macros. Do
not change any encoding behavior, but add some comments where behavior
differs from the spec.
DEFFNTYPE is now unused except for the kdc_req_body hack.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25617 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
Add a new field type where the length offset indicates a distinguisher
and the data offset indicates a union address. The field's type is an
atype_choice containing a seq_info indexed by the distinguisher.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25616 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25615 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a field_info bit (the 32nd bit of the bitfields) indicating whether
the context tag is implicit, and support it in encode_a_field. Adjust
all field-generating macros and invocations to include the new bit
(always 0 for the moment).
For atype_tagged_thing, narrow the construction field to six bits and
add an implicit bit. We could remove the construction field if it
weren't for DEFOCTETWRAPPEDTYPE abusing atype_tagged_thing a little
bit, since (normal) explicit tags are always constructed and implicit
tag construction is computed from the base type.
Given how rarely implicit tagging is used, it might be nice to have
separate _IMPLICIT macros rather than an extra argument to every
field. But we already have separate _OPT macros for optional fields
and FIELDOF_STRING vs. FIELDOF_STRINGL, so we start to get a
combinatoric explosion in the number of macros.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25614 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In order to support implicit tagging, make it possible to ASN.1-encode
a value without its outer tag, instead remembering the construction
bit of the omitted tag.
A cleaner design would be to have separate functions for encoding a
value's contents and its tag. However, we can't do that for atype_fn
or atype_opaque, and the possible indirections between types and
fields mean we want to stay at the "encode everything" level for as
long as possible to allow implicit tagging of the largest possible
subset of types. If we can get rid of atype_fn, we may be able to
switch to the cleaner design with some adjustments to atype_opaque.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25613 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As part of implicit tag support, rework ASN.1 encoding primitives so
that they encode only content, not tags. Combine primitives which
become identical with this change. The new atype_primitive type
invokes a primitive encoder and adds a tag. atype_fn_len is split
into atype_string and atype_opaque, both of which are hardcoded to
use asn1_encode_bytestring.
For the encoders still using macros, create asn1_addprimitive,
asn1_addinteger, and asn1_addstring macros which call the primitive
encoder function and add a tag.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25612 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Instead of including all of the possible type fields in struct
atype_info, use a pointer to a type-specific structure. This might
save a little space, but more importantly, if we get to the point of
exposing this stuff across plugin APIs, it allows ASN.1 type
information to be extensible via defining new atype_type values.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25611 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
Add test cases for ASN.1 types which didn't previously have them.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25610 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
r20923 inadvertently broke asn1_encode_subject_pk_info in the case
where algorithm.parameters.length == 0. Fortunately this case never
happens, but fix it anyway.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25607 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
krb5_free_realm_string
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25606 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 6936
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25604 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use the krb5_pa_data structure type when encoding or decoding
TYPED-DATA. Leave the krb5_typed_data structure definition in krb5.h
with a comment saying not to use it. Remove krb5_free_typed_data
(which was never declared in krb5.h). Remove some vestigial accessor
stuff related to PKINIT encoding and decoding TYPED-DATA, which was
unneeded since r25483. Bump the accessor structure version to 19
accordingly.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25601 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
For consistency with the rest of the code base, make PKINIT use
krb5_data as a pointer/length container. Leave krb5_octet_data and
krb5_free_octet_data behind for API compatibility.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25600 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When producing the first SPNEGO security context token, if the first
mechanism's init_sec_context fails, fall back to a later mechanism.
This fixes a regression in 1.10 for SPNEGO initiators using non-krb5
credentials. The identity selection work causes errors to be deferred
from krb5's acquire_cred in some cases, which means SPNEGO doesn't see
an error until it tries the krb5 init_sec_context.
ticket: 6936
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25591 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In spnego_gss_ctx_id_rec, store the set of negotiable mechanisms as
well as the currently selected internal_mech, which becomes an alias
into mech_set. In init_ctx_reselect, locate the acceptor's counter-
proposal in sc->mech_set and consider the token defective if it is not
found.
ticket: 7053
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25590 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If krb5_server_decrypt_ticket_keytab doesn't find a key of the
appropriate enctype in an iterable keytab, it returns 0 (without
decrypting the ticket) due to a misplaced initialization of retval.
This bug causes kinit -k to claim "keytab entry valid" when it
shouldn't. Reported by mark@mproehl.net.
ticket: 7051
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25584 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25571 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
If a get_credentials operation requires multiple TGS requests, we need
to free the subkey from previous requests before saving a new one.
ticket: 7049
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25536 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
krb5int_fast_prep_req remove tgs from request->padata and needs to
free it. get_creds.c needs to use a fresh FAST state for each TGS
request to avoid leaking armor keys.
ticket: 7026
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25535 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
| |
ticket: 7048
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25534 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
When the KDC verifies a PAC, it doesn't really need to check the
server signature, since it can't trust that anyway. Allow the caller
to pass only a TGT key.
ticket: 7048
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25532 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Previous to this change, the GSS code avoids caching S4U2Proxy results
for fear of the memory cache growing without bound, but that seems
unlikely to be a serious problem. Allow these to be cached.
ticket: 7047
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25530 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The initial implementation of client-side S4U2Proxy support did not
allow delegated proxy credentials to be stored (gss_store_cred would
error out, and gss_krb5_copy_ccache would generate a non-working
cache). To make this work, we save the impersonator name in a cache
config variable and in a cred structure field (replacing the
proxy_cred flag), and make the default principal of the proxy cache
the subject principal as the caller would expect for a regular
delegated cred.
ticket: 7046
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25529 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25505 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the client application requests optimistic preauth for a preauth
type which uses the password, we don't have an etype-info2 to
interpret since we haven't talked to the KDC. So we need to guess an
enctype, salt, and s2k parameters. In 1.9 and prior, encrypted
timestamp contained code to use the first requested enctype in this
case, but encrypted challenge did not. In 1.10 prior to this change,
neither mechanism uses a reasonable default.
Set a default enctype in krb5_init_creds_init so that all
password-based preauth mechanisms will use a reasonable default in the
optimistic preauth case. The default salt and s2k parameters for this
case will be the principal-based default salt and the enctype-based
default parameters.
ticket: 7033
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25504 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: Alexey Melnikov <aamelnikov@gmail.com>
ticket: 7038
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25500 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7037
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25499 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix free of uninitialized memory in error case introduced in 1.10
development cycle.
ticket: 7036
tags: pullup
Target_Version: 1.10
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25498 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7035
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25497 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix for mk_cred.c: calloc() not malloc()
Avoid calling free() in cleanup on uninitialized sub-ptrs if error occurs.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7034
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25496 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
Use current practices for parameter naming and resource cleanup.
Avoid a leak of local_dec_rep (now named dec_rep) if we take a "goto
cleanup" path.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25490 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25489 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Implement RFC 6113 FAST TGS support.
Includes library support for a varient of explicit TGS armor that has not yet been proposed within the IETF.
ticket: 7026
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25488 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
krb5int_fast_process_error: Allow out_padata and retry to be null for
TGS case. Refactor function to do more frees in the exit handling and
to declare variables at the top.
krb5int_fast_reply_key: input keyblock arguments should be const
ticket: 7025
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25487 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
subject: FAST PKINIT
target_version: 1.10
tags: pullup
Per RFC 6113 fast should use the inner request body for the pkinit
checksum. We did that on the KDC; now do so on the client. Remove
code that explicitly blocked pkinit under FAST.
Also, use the reply key *before* the strengthen key is applied when
verifying the PADATA_PKINIT_KX.
Add FAST pkinit test.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25486 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
| |
S_IREAD and S_IWRITE are ancient names for S_IRUSR and S_IWUSR, and
are not defined on some modern platforms (such as Android). Use the
POSIX names instead.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25485 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
| |
A last-minute code editing mistake crept into the previous commit; fix
it.
ticket: 7023
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25484 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change the clpreauth tryagain method to accept a list of pa-data,
taken either from the FAST response or from decoding the e_data as
either pa-data or typed-data. Also change the in_padata argument to
contain just the type of the request padata rather than the whole
element, since modules generally shouldn't care about the contents of
their request padata (or they can remember it).
In krb5int_fast_process_error, no longer re-encode FAST pa-data as
typed-data for the inner error e_data, but decode traditional error
e_data for all error types, and try both pa-data and typed-data
encoding.
In PKINIT, try all elements of the new pa-data list, since it may
contain FAST elements as well as the actual PKINIT array. (Fixes an
outstanding bug in FAST PKINIT.)
ticket: 7023
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25483 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Minor status codes were not displaying properly when originated from
the IAKERB mech, because of a safety check on mech_type. From Ralf
Haferkamp <rhafer@suse.de>.
ticket: 7020
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25482 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add an event_context callback to kdcpreauth. Adjust the internal KDC
and main loop interfaces to pass around the event context, and expose
it to kdcpreauth modules via the rock.
ticket: 7019
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25475 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
krb5 1.6 through 1.8 contained a workaround for the Active Directory
behavior of returning a TGS referral to the same realm as the request.
1.9 responds to this behavior by caching the returned TGT, trying
again, and detecting a referral loop. This is a partial regression of
ticket #4955. Detect this case and fall back to a non-referreal
request.
ticket: 7016
target_version: 1.9.3
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25472 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
| |
Add an assertion to ensure that the interface_names table in plugin.c
is updated when a new pluggable interface is added.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25471 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When the ccselect pluggable interface was added, the interface_names
table wasn't updated, so configuring modules for it wouldn't work.
Add it now.
ticket: 7015
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25470 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If we receive a PREAUTH_REQUIRED error and fail to generate any real
preauthentication, error out immediately instead of continuing to
generate non-preauthenticated requests until we hit the loop count.
There is a lot of room to generate a more meaningful error about why
we failed to generate preauth (although in many cases the answer may
be too complicated to explain in an error message), but that requires
more radical restructuring of the preauth framework.
ticket: 6430
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25469 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25437 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
| |
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25432 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Rename krb5int_check_clockskew to krb5_check_clockskew and make it
public, in order to give kdcpreauth plugins a way to check timestamps
against the configured clock skew.
ticket: 6996
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25424 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When using hmac-md5, the intermediate key length is the output of the
hash function (128 bits), not the input key length. Relevant if the
input key is not an RC4 key.
ticket: 6994
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25418 dc483132-0cff-0310-8789-dd5450dbe970
|
| |
|
|
|
|
|
|
|
|
| |
Rename krb5int_find_authdata to krb5_find_authdata and make it public.
ticket: 6992
target_version: 1.10
tags: pullup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25414 dc483132-0cff-0310-8789-dd5450dbe970
|
