summaryrefslogtreecommitdiffstats
path: root/src/tests/asn.1
Commit message (Collapse)AuthorAgeFilesLines
* Include autoconf.h before system headersGreg Hudson2014-07-083-6/+1
| | | | | | | | | Include autoconf.h (either directly or via proxy) before system headers, so that feature test macros defined there can affect the system namespace. Where include order was changed, eliminate some redundant or unnecessary includes. ticket: 7961
* Always include salt in LDAP KrbKey encodingGreg Hudson2014-06-051-0/+1
| | | | | | | | | | | | | | | | | | | In the LDAP KDB module, ensure that every krb5_key_data we pass to asn1_encode_sequence_of_keys includes a salt type, for compatibility with the decoder in unpatched krb5 1.11 and 1.12. This is not a behavior change by itself; since 1.7 the encoder has always included a KrbKey salt field because it erroneously treats that field as non-optional. (Luckily, the encoded salt always happens to have salt type 0 because krb5_key_data constructors start with zeroed memory.) The next commit will fix the encoder and decoder to properly treat the KrbKey salt field as optional, so we need this change to ensure that our encodings remain compatible. Also fix the ASN.1 tests to set key_data_ver correctly for the sample test key data. ticket: 7919
* Add ASN.1 codec for KKDCP's KDC-PROXY-MESSAGENathaniel McCallum2014-06-028-0/+107
| | | | | | | | | | | | | Handle encoding and decoding [MS-KKDCP] proxy messages, including handling of the additional length bytes. Early versions of [MS-KKDCP] incorrectly omit that the size of the proxied message is prepended to the proxied message, as it is when we're using plain TCP, before encoding the proxy-message structure. This is fixed at least as of version 2.1 of the spec. [nalin@redhat.com: add tests] ticket: 7929
* Reduce boilerplate in makefilesGreg Hudson2013-05-161-4/+0
| | | | | | | | | Provide default values in pre.in for PROG_LIBPATH, PROG_RPATH, SHLIB_DIRS, SHLIB_RDIRS, and STOBJLISTS so that they don't have to be specified in the common case. Rename KRB5_RUN_ENV and KRB5_RUN_VARS to RUN_SETUP (already the most commonly used name) and RUN_VARS. Make sure to use DEFINES for local defines (not DEFS). Remove some other unnecessary makefile content.
* Fix typo in ktest_make_sample_auth_packGreg Hudson2013-03-291-1/+1
|
* make dependGreg Hudson2013-03-241-23/+17
|
* make dependGreg Hudson2013-01-101-1/+1
| | | | | Mostly this gets rid of the trailing space on line 2 after bb76891f5386526bdf91bc790c614fc9296cb5fa.
* Separate clpreauth and kdcpreauth interfacesGreg Hudson2012-12-191-11/+11
| | | | | | | Since there is no overlap between the clpreauth and kdcpreauth interface declarations, there's no particular reason to combine them into one header. For backward compatibility and convenience, leave behind a preauth_plugin.h which includes both.
* Add asn1c test vectors for alg-agility typesGreg Hudson2012-09-064-2/+404
| | | | | | | | | For the test-vectors target in tests/asn.1, add ASN.1 modules from RFC 4556 and draft-ietf-krb-wg-pkinit-alg-agility-06.txt, and output test encodings for PrincipalName, KRB5PrincipalName, OtherInfo, and PkinitSuppPubInfo. In the alg-agility module, AuthPack and DHRepInfo are renamed, as asn1c otherwise rejects them as conflicting with the RFC 4556 definitions.
* Add ASN.1 support for OTPGreg Hudson2012-08-2313-26/+1834
| | | | | | | Add encoders and decoders for the OTP-TOKENINFO, PA-OTP-CHALLENGE, PA-OTP-REQUEST, and PA-OTP-ENC-REQUEST types from RFC 6560. For more thorough testing, add support for generating test encodings using asn1c for sample objects (currently only for the OTP types).
* Remove unused variableBen Kaduk2012-07-031-2/+0
|
* Restore some spaces in trvalTom Yu2012-06-254-790/+790
| | | | | | This is a cosmetic change to reintroduce some space characters that cff6ea939f061d17a5742a04b8eeb2905c1813dc removed, e.g. between the tag and the length or short value.
* Eliminate trailing whitespace in trval outputGreg Hudson2012-06-225-1254/+1259
| | | | | | | | Modify the trval output slightly so that the reference trval output files don't containing trailing whitespace, to make them friendlier to our git hooks. (The pkinit and ldap trval reference files now contain a leading blank line, which isn't very elegant, but avoiding that requires too much Makefile.in complexity.) Also correct a typo.
* Properly decode etype-info2 with no saltGreg Hudson2012-03-081-0/+40
| | | | | | | | | | | The data-driven decoder for etype-info2 was neglecting to call init_no_salt() when no salt is present in the encoding. Add in the missing call. Also add decode test cases for etype-info2, which would have caught this if they weren't missing. ticket: 7100 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25744 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify some ASN.1 array encoder testsGreg Hudson2012-03-083-67/+19
| | | | | | Use encode_run() for pa_data and etype_info tests. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25743 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unused arg from encode_run in ASN.1 testsGreg Hudson2012-03-081-93/+91
| | | | | | | Reformat call sites according to current coding conventions, since we're touching them all anyway. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25742 dc483132-0cff-0310-8789-dd5450dbe970
* Add test cases for Windows RODC kvno compatibilityTom Yu2012-03-024-0/+26
| | | | | | ticket: 7092 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25725 dc483132-0cff-0310-8789-dd5450dbe970
* Convert utility functions to new decoderGreg Hudson2012-02-121-4/+14
| | | | | | | | | Create a special type to plug authdata types from authdata and make krb5int_get_authdata_containee_types use it. Add a test case for it as well. Move krb5_decode_ticket (a trivial wrapper) into asn1_k_encode.c so that krb5_decode.c is empty. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25694 dc483132-0cff-0310-8789-dd5450dbe970
* Data-driven ASN.1 decoderGreg Hudson2012-02-112-4/+2
| | | | | | | | | | | | | | | | | | Add a general ASN.1 decoder implementation in asn1_encode.c using the same data structures as the encoder (augmented where necessary), and use it to define decoder functions in asn1_k_encode.c. Add a boolean type to atype_info, as it is needed for the pa_pac_req decoder. For the moment, just #if out the old decoder functions; they and their support code can be cleaned up later after a a few remaining utility functions are addressed. Changes to encoder and decoder interfaces are minimized, but there are two small ones. ldap_seqof_key_data has a kvno field added, and some of the decoder logic is pushed up into the caller. The safe_with_body decoder now outputs an allocated krb5_data * instead of a krb5_data with aliases into the input buffer. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25693 dc483132-0cff-0310-8789-dd5450dbe970
* Minimize draft9 PKINIT code by removing dead codeGreg Hudson2012-02-116-139/+1
| | | | | | | | | | | | | | | | The PKINIT client code doesn't use decode_krb5_pa_pk_as_rep_draft9, which is fortunate because it doesn't work (see issue #7072). Instead, it passes both kinds of PKINIT replies through decode_krb5_pa_pk_as_rep, then decodes the un-enveloped CMS data in alternative 1 (encKeyPack) as either an RFC or draft9 ReplyKeyPack. So, remove the unused broken pa_pk_as_rep_draft9 decoder. For pa_pk_as_req_draft9, we only use two of the fields on encode and only one of those on decode. So, get rid of the unused fields and the krb5_trusted_ca structure, and reduce the encoder and decoder sequences to the minimum necessary fields. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25689 dc483132-0cff-0310-8789-dd5450dbe970
* Add ASN.1 decoder test for krb5_pa_pac_reqGreg Hudson2012-02-111-0/+30
| | | | | | | Also, if decode_krb5_ap_rep_enc_part doesn't return the expected error code in krb5_decode_test, exit with nonzero status. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25685 dc483132-0cff-0310-8789-dd5450dbe970
* Fix uninitialized variable warning in trval.cGreg Hudson2012-02-071-1/+1
| | | | | | | | | | | | gcc -O3 is agressive enough to detect that do_cons() doesn't always set the value of rlen2, so trval2() gets a maybe-uninitialized warning. Squash it by initializing rlen2. ticket: 7088 target_version: 1.10.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25679 dc483132-0cff-0310-8789-dd5450dbe970
* Add PKINIT decoder testsGreg Hudson2012-01-134-0/+475
| | | | | | | | | | | Add tests to krb5_decode_test.c for PKINIT types. Where the decoders do not match the encoders, include comments and hand-generated encodings which work with the decoder. Add a comment to asn1_k_encode.c documenting inconsistencies between the draft 9 PA-PK-AS-REQ spec and our encoder results. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25650 dc483132-0cff-0310-8789-dd5450dbe970
* Fix an allocation size bug in ASN.1 testsGreg Hudson2012-01-101-6/+3
| | | | | | | ktest_make_sample_pa_pk_as_req_draft9 was allocating the wrong size of objects for the trustedCertifiers array. Fix it. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25638 dc483132-0cff-0310-8789-dd5450dbe970
* Remove unneeded kdcRealm field in PKINIT structureGreg Hudson2012-01-081-2/+0
| | | | | | | | krb5_pk_authenticator_draft9 had a kdcRealm field which was set by the client code but never encoded or decoded. Remove it. Eliminating this field exposed a bug in auth_pack_draft9_optional; fix that. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25624 dc483132-0cff-0310-8789-dd5450dbe970
* Fix PKINIT serverDHNonce encodingGreg Hudson2012-01-082-3/+2
| | | | | | | | | | | Use an explicit tag for serverDHNonce, as specified in RFC 4556, rather than the implicit tag we historically used. This bug had no practical effect (and creates no interoperability issues) because we never generate a serverDHNonce. ticket: 7061 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25623 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unneeded accessor fieldsGreg Hudson2012-01-071-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25620 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unused structures and encodersGreg Hudson2012-01-079-260/+0
| | | | | | | | | | | krb5_alt_method was added in r6604 but never supported. krb5_pwd_data became unused when the Sandia kadmin system was replaced. krb5_pa_server_referral_data and krb5_pa_svr_referral_data were added in r21690 with internally-visible encoders which nothing uses. Leave behind structure declarations in krb5.hin for API compatibility. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25619 dc483132-0cff-0310-8789-dd5450dbe970
* Remove SAM encoders and structuresGreg Hudson2012-01-079-330/+0
| | | | | | | | r24403 removed the old SAM support, but left behind the structures, free functions, and ASN.1 encoders/decoders. Remove those now. (SAM-2 support is still present.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25618 dc483132-0cff-0310-8789-dd5450dbe970
* Add missing test cases for ASN.1 typesGreg Hudson2012-01-069-3/+441
| | | | | | Add test cases for ASN.1 types which didn't previously have them. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25610 dc483132-0cff-0310-8789-dd5450dbe970
* Add test cases for PKINIT ASN.1 encodersGreg Hudson2012-01-067-15/+748
| | | | | | | | | | | | Do not add decode tests, because those would trip some bugs in the decoders, and we can't safely fix some of those bugs without interop testing. Encode tests are sufficient to detect when we unintentionally change the output of the encoders. Fix trval2() not to use the context shortcut on primitive context tags. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25609 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify and reformat ASN.1 test codeGreg Hudson2012-01-069-1754/+1191
| | | | | | Use abort-on-error memory allocation to reduce failure handling. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25608 dc483132-0cff-0310-8789-dd5450dbe970
* Adjust most C source files to match the new standards for copyrightGreg Hudson2011-03-0912-3/+252
| | | | | | and license comments. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24695 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2011-02-251-23/+23
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24662 dc483132-0cff-0310-8789-dd5450dbe970
* Use for loops for recursion in the Windows build, cutting down on theGreg Hudson2010-11-281-1/+1
| | | | | | | | | verbiage in Makefile.in files. For correctness of output, every Makefile.in mydir= definition is changed to use $(S) instead of /. ticket: 6826 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24536 dc483132-0cff-0310-8789-dd5450dbe970
* Make dependGreg Hudson2010-09-081-18/+18
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24298 dc483132-0cff-0310-8789-dd5450dbe970
* make dependGreg Hudson2010-06-071-29/+35
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@24119 dc483132-0cff-0310-8789-dd5450dbe970
* Add IAKERB mechanism and gss_acquire_cred_with_passwordGreg Hudson2010-04-309-0/+143
| | | | | | | | | | | | | | Merge branches/iakerb to trunk. Includes the following: * New IAKERB mechanism. * New gss_acquire_cred_with_password mechglue function. * ASN.1 encoders and decoders for IAKERB structures (with tests). * New shortcuts in gss-sample client and server. * Tests to exercise SPNEGO and IAKERB using gss-sample application. ticket: 6712 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23960 dc483132-0cff-0310-8789-dd5450dbe970
* (memory leak)Ezra Peisach2010-01-101-2/+0
| | | | | | ktest_make_sample_ad_signedpath_data: Do not initialize client field twice. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23624 dc483132-0cff-0310-8789-dd5450dbe970
* Mark and reindent tests, with some exclusionsTom Yu2009-11-309-1507/+1515
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23394 dc483132-0cff-0310-8789-dd5450dbe970
* Consolidate Makefile variables now that we have only a single globalGreg Hudson2009-11-222-59/+57
| | | | | | | | | | | | | configure script: $(SRCTOP) --> $(top_srcdir) $(srcdir)/$(thisconfigdir) --> $(top_srcdir) $(thisconfigdir) --> $(BUILDTOP) $(myfulldir) --> $(mydir) ticket: 6583 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23308 dc483132-0cff-0310-8789-dd5450dbe970
* Constrained delegation without PAC supportGreg Hudson2009-11-149-0/+220
| | | | | | | | | | | Merge Luke's users/lhoward/s4u2proxy branch to trunk. Implements a Heimdal-compatible mechanism for allowing constrained delegation without back-end support for PACs. Back-end support exists in LDAP only (via a new krbAllowedToDelegateTo attribute), not DB2. ticket: 6580 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23160 dc483132-0cff-0310-8789-dd5450dbe970
* make mark-cstyleTom Yu2009-10-317-199/+198
| | | | | | make reindent git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23100 dc483132-0cff-0310-8789-dd5450dbe970
* Move destest to builtin/des, because it depends on overriding someTom Yu2009-10-101-27/+28
| | | | | | | | internals. Make depend. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22877 dc483132-0cff-0310-8789-dd5450dbe970
* Implement GSS naming extensions and authdata verificationGreg Hudson2009-10-099-2/+94
| | | | | | | | | Merge Luke's users/lhoward/authdata branch to trunk. Implements GSS naming extensions and verification of authorization data. ticket: 6572 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22875 dc483132-0cff-0310-8789-dd5450dbe970
* Remove krb5_decode_leak test program on "make clean"Greg Hudson2009-09-161-1/+1
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22777 dc483132-0cff-0310-8789-dd5450dbe970
* Implement s4u extensionsGreg Hudson2009-09-139-2/+93
| | | | | | | | | Merge Luke's users/lhoward/s4u branch to trunk. Implements S4U2Self and S4U2Proxy extensions. ticket: 6563 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22736 dc483132-0cff-0310-8789-dd5450dbe970
* CVE-2009-0846 asn1_decode_generaltime can free uninitialized pointerTom Yu2009-04-071-0/+16
| | | | | | | | | | | The asn1_decode_generaltime() function can free an uninitialized pointer if asn1buf_remove_charstring() fails. ticket: 6445 tags: pullup target_version: 1.7 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22176 dc483132-0cff-0310-8789-dd5450dbe970
* In krb5_decode_leak.c, work around the oddity thatGreg Hudson2009-02-131-2/+16
| | | | | | krb5_free_cred_enc_part is a contents-only free function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22003 dc483132-0cff-0310-8789-dd5450dbe970
* Add a new test harness to facilitate memory leak detection in theGreg Hudson2009-02-113-3/+678
| | | | | | ASN.1 decoder routines. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21970 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2026-01-09 23:25:29 +0000