| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
|
| |
Include autoconf.h (either directly or via proxy) before system
headers, so that feature test macros defined there can affect the
system namespace. Where include order was changed, eliminate some
redundant or unnecessary includes.
ticket: 7961
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In create_identifiers_from_stack: check for allocation errors from
PKCS7_ISSUER_AND_SERIAL_new and M_ASN1_INTEGER_dup. Use
PKCS7_ISSUER_AND_SERIAL_free to more concisely clean up the OpenSSL
issuer variable, and make sure that any partially processed value is
cleaned up on error. Use calloc to allocate krb5_cas so that all of
its pointers are initially nulled, so that
free_krb5_external_principal_identifier can operate on it safely in
case of error. Eliminate the retval variable as it was not used
safely. Rename the error label from "cleanup" to "oom" and separate
it from the successful return path (which has nothing to clean up).
ticket: 7943 (new)
target_version: 1.12.2
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When constructing a draft9 PKINIT request, always include
KRB5_PADATA_AS_CHECKSUM padata to ask for an RFC 4556 ReplyKeyPack.
Do not accept a draft9 ReplyKeyPack in the KDC response.
For now, retain the krb5_reply_key_pack_draft9 ASN.1 codec and the KDC
support for generating a draft9 ReplyKeyPack when a draft9 PKINIT
request does not contain KRB5_PADATA_AS_CHECKSUM.
ticket: 7933
|
| |
|
|
|
|
|
|
| |
Remove the PKINIT Windows Server 2008 beta compatibility code
conditionalized under the "longhorn" variable. It is not required to
interoperate with any released version of Windows.
ticket: 7934 (new)
|
| |
|
|
|
|
| |
As contributed, the PKINIT module contained code to read the
pkinit_win2k variable, but never used it. Get rid of the structure
field and the code to populate it.
|
| |
|
|
|
|
| |
As contributed, the PKINIT code contained code to read a mapping
filename, but never used the resulting structure variable. Get rid of
the structure field and the code to populate it.
|
| |
|
|
|
|
|
|
|
|
|
| |
The CK_TOKEN_INFO label field is defined to be zero-filled, but it may
not be zero-terminated if all bytes of the field are used. Use only
length-counted operations to process it. Also avoid underrunning the
buffer pointer if the label is empty or contains only whitespace.
ticket: 7917
target_version: 1.12.2
tags: pullup
|
| |
|
|
|
|
|
|
|
|
|
| |
Passing invalid slot IDs to C_OpenSession can cause some PKCS #11
implementations (such as the Solaris one) to crash. If a PKINIT
identity specifies a slotid, use it to filter the result of
C_GetSlotList, but don't try it if it does not appear in the list.
ticket: 7916
target_version: 1.12.2
tags: pullup
|
| |
|
|
|
|
|
| |
Matching Subject Alternative Name from certificate with
pkinit_kdc_hostname value from krb5.conf should disregard case.
ticket: 7913 (new)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Use a library initializer to prevent multiple threads using PKINIT
from concurently initializing OpenSSL functions. For cases where
MT-safety is not assured by registering OpenSSL locking callbacks,
this significantly lowers the odds of crashes caused by races in
OpenSSL initialization. (If OpenSSL initialization functions are
called by some other thread directly, crashes are still possible.)
[ghudson@mit.edu: simplify code changes and commit message]
ticket: 6413
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Stop adding OIDs to the global OpenSSL table. It isn't thread-safe
(even with locking callbacks registered), and calling OBJ_cleanup
could break other uses of OpenSSL. Instead, use anonymous OIDs
created with OBJ_txt2oid. Anonymous OIDs need to be managed more
careful to avoid double-freeing, so create a copy before calling
PKCS7_add_signed_attribute, and don't free the result of
pkinit_pkcs7type2oid in cms_contentinfo_create.
ticket: 7889
|
| |
|
|
|
|
|
|
|
|
|
| |
pkinit_crypto_openssl.c currently creates a shadow entry for
id-pkcs7-data so that OpenSSL will expect to see the corresponding
octet string in d.other instead than d.data. This shadowing is very
unfriendly to other uses of OpenSSL and we should stop. Eliminate the
shadowing and rewrite create_contentinfo so that it sets up the PKCS7
object correctly if the OID is id-pkcs7-data.
ticket: 7889
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In pkinit_as_req_create, create and encode stack-allocated auth-pack
structures containing only alias pointers, instead of heap-allocated
structures containing a mix of alias pointers, owner pointers, and
appropriated caller memory. Keep everything we temporarily allocate
in separate local variables and free them through those variables.
In pa_pkinit_gen_req, use safer memory practices to avoid problems
like issue #7878. Free the checksum since pkinit_as_req_create no
longer takes ownership it. Remove a broken overly defensive check
after calling pkinit_as_req_create.
Remove init_krb5_auth_pack and init_krb5_auth_pack_draft9 as they are
no longer required.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In pa_pkinit_gen_req, if the cleanup handler is reached with non-zero
retval and non-null out_data, out_data is freed, then dereferenced,
then freed again. This can only happen if one of the small fixed-size
malloc requests fails after pkinit_as_req_create succeeds, so it is
unlikely to occur in practice.
ticket: 7878 (new)
target_version: 1.12.2
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
If we fail to create a cert chain in cms_signeddata_create(), return
KRB5KDC_ERR_PREAUTH_FAILED, which corresponds to a protocol code,
rather than KRB5_PREAUTH_FAILED, which doesn't. This is also more
consistent with other error clauses in the same function.
ticket: 7718 (new)
target_version: 1.12
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
| |
When putting together the set of identity prompts for a responder
challenge, if we don't need a PIN or password of some kind, don't ask
an empty question.
[ghudson@mit.edu: squashed commits, modified commit message, merged
PKCS11 test with current Python script]
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a password to the set of things that we can pass to a PEM password
callback and the function we use for loading PKCS12 bundles. If we're
meant to defer identity prompts, just store the name of the identity
which we're loading. Otherwise, if we're passed a password, use it.
Otherwise, use the prompter callback.
Add a password to the set of things that we can pass to the function
that we use for logging in to PKCS11 tokens, too, but if we're deferring
identity prompts, just return the identity name without doing anything
else. If not, and we're passed a password, use that. Otherwise, try to
use the prompter callback to get one.
ticket: 7680
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The password callback which we usually supply to NSS already gets a
pointer to the pkinit_identity_crypto_context structure, but it needs to
be passed the name of the identity for which it's being called.
If it gets a name, and it's deferring prompting, just add the identity
to the list of deferred identity prompts (the password callback wouldn't
have been called if its result wasn't needed), and either return NULL
(as an indication that we couldn't get a password) or an empty string (a
value which we know is invalid) if that's handier.
Otherwise, check for a password that's been stashed for its use for that
identity, and return a copy of it if one's found. If none of that
works, try to use the prompter callback to ask for the password.
ticket: 7680
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the list of deferred identity prompts and warnings, which we have
after calling pkinit_identity_initialize(), to build a list of questions
to supply to responder callbacks.
Before calling pkinit_identity_prompt() to actually load identities that
are protected, save any passwords and PINs which a responder callback
may have supplied.
Because pkinit_client_prep_questions() can be called multiple times, and
we don't want to try to load all of our identities each of those times,
take some steps to ensure that we only call pkinit_identity_initialize()
and pkinit_identity_prompt() once per request.
ticket: 7680
|
| |
|
|
|
| |
When called to free identity information, do what the OpenSSL-based
version does, and error out if the identity information is NULL.
|
| |
|
|
|
| |
Do what the OpenSSL-using code paths do, and load PKCS11_MODNAME if no
module is specified when we're told to use a PKCS11 identity.
|
| |
|
|
|
|
|
|
|
|
|
| |
Learn to manage a list of deferred identities, for which we want to
prompt for passwords or PINs, in pkinit_identity_crypto_context
structures, along with their associated token flags. These are opaque
outside of pkinit_crypto_openssl and pkinit_crypto_nss, so both
implementations need to provide wrapper functions that can be called
from elsewhere in the module to populate and query the lists.
ticket: 7680
|
| |
|
|
|
|
|
|
|
|
|
| |
Split part of pkinit_identity_initialize() into a second piece named
pkinit_identity_prompt(). Have each piece pass a new boolean flag to
crypto_load_certs() to indicate if it should defer prompting for a
password/PIN for client identities that require one. If the flag isn't
set, then crypto_load_certs() should attempt to use a responder-supplied
value, or call the prompter if there isn't one.
ticket: 7680
|
| |
|
|
|
| |
When retrieving the list of a certificate's subjectAltName values, we
weren't freeing some of the temporary memory we used.
|
| |
|
|
|
|
|
|
| |
The stacks of certificates and CRLs that we retrieve from CMS objects
include newly-owned references to the certificates and CRLs, so when we
go to free them, we need to remember to free those.
[ghudson@mit.edu: minor formatting change; removed unrelated style fix]
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH,
SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be
specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS
to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make
sure to use DEFINES for local defines (not DEFS). Remove some other
unnecessary makefile content.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some fixes, some use of different APIs which seem to clean things up
better, with the goal of being able to cleanly shut down NSS when we're
done using it.
* Use PK11_FreeSlot() instead of SECMOD_CloseUserDB() to close a
database opened with SECMOD_OpenUserDB().
* Fix a typo and use PK11_DestroyGenericObject() instead of
PK11_DestroyGenericObjects() to destroy one object.
* Use SECMOD_DestroyModule() instead of SECMOD_UnloadUserModule()
to close a module loaded with SECMOD_LoadUserModule().
* crypto_check_for_revocation_information(): don't leak a reference
to the CRL, or to intermediate issuers.
* Don't leak a reference to a PEM private key.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When the PEM module is given an encrypted key, it changes its token
flags to indicate that a password is required (by setting needs-login)
to signal the application that we need to supply a password to decrypt
it. Attempts to load any other items will fail until the flag is
cleared.
If we detect that the flag is set after we've attempted to load a
private key, attempt to "log in" to the "token" using a password. Even
if we fail, the token will reset its needs-login flag, which is
necessary before we can import anything else.
|
| |
|
|
|
|
| |
When loading certificates using the PEM module, use a better method for
finding the just-loaded certificate that will still work if we've
already got a copy of the certificate loaded somewhere else.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When using NSS's CMS API to generate signed-data messages, we identify
the key that we want to use for signing by specifying a certificate.
The library then looks up the corresponding private key when it needs to
generate the signature. This lookup fails if a certificate and a its
corresponding private key were loaded key-first, but succeeds if they
were loaded certificate-first (RHBZ#859535). To work around this,
switch to loading the certificate first. (We switch to using different
_pkinit_identity_crypto_file pointers for each instead of reusing just
one, so the diff is messier than it might have been.)
|
| |
|
|
|
|
| |
Use PORT_ErrorToName() to let us print an error name instead of an error
code in a couple of debug messages, since in practice we just end up
looking up the code in <secerr.h> anyway.
|
| |
|
|
|
|
|
|
| |
When PKINIT is built with NSS, change how it traverses tokens to match
the way it's done when built using OpenSSL: ignore slot names (we used
to treat the token label as a possible slot label, too), and either only
look at the token with the specified label, or the first token if a no
token label was specified.
|
| |
|
|
|
| |
We already call SEC_PKCS12DecoderFinish() before entering the switch()
statement, so don't call it again.
|
| |
|
|
|
|
|
|
| |
When PKINIT is built with NSS, make the text of prompts that we issue to
the user better match the text we use when we build with OpenSSL: ask
for a pass phrase when we're asking about a hardware token, ask for a
password the rest of the time, and take advantage of translations for
requests for a password.
|
| |
|
|
|
|
|
|
| |
When we're doing certificate matching and we're asked for the list of
SAN values for a certifiate, and it contains none, don't return an
error, as that will eventually cause the module to just return an error.
Instead, just return an empty list of SAN values so that processing will
continue on to check if other certificates match.
|
| |
|
|
|
|
| |
The reassembled names used "," as a separator between attributes, when
passed-in values use ":". This was due to the original submitter being
confused - they weren't intended to be different.
|
| |
|
|
|
|
| |
When attempting to clean the files out from our temporary directory,
correct the test which was supposed to let us skip over "." and ".." so
that we actually don't try to remove them with remove().
|
| | |
|
| |
|
|
|
| |
Replace numeric value '132' by the macro KRB5_PADATA_AS_CHECKSUM
in preauth plugin.
|
| |
|
|
|
|
|
|
|
|
| |
Allow configuration to override the default dh_min_bits of 2048 to
1024. Disallow configuration of dh_min_bits < 1024, but continue to
default to 2048.
ticket: 7602
target_version: 1.11.3
tags: pullup
|
| |
|
|
|
|
|
|
|
|
| |
Change pkinit_check_dh_params() to take two DH* parameters, and only
compare p and g, because q is fully determined by them and might be
missing.
Also refactor some parameter checks into check_dh_wellknown() that
were previously done separately in the pkinit_process_td_dh_params()
and server_check_dh().
|
| |
|
|
|
|
|
|
|
| |
Some implementations don't send the required Q value in dh_params, so
allow it to be absent.
ticket: 7596
target_version: 1.11.3
tags: pullup
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Supply a callack to PEM_read_bio_PrivateKey() using the prompter to
request a password for encrypted PEM data. Otherwise OpenSSL will use
the controlling terminal.
[ghudson@mit.edu: minor style cleanup, commit message]
ticket: 7590
|
