summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Clean up a help string in k5testGreg Hudson2010-03-041-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23764 dc483132-0cff-0310-8789-dd5450dbe970
* Python test frameworkGreg Hudson2010-03-047-1/+1159
| | | | | | | | | | | | Add a framework for writing tests in Python. Documentation is in the initial docstring of util/k5test.py. Inaugurate the framework with two test scripts, t_general.py and t_anonypkinit.py, which together test the same operations as standalone.exp from the dejagnu test suite. ticket: 6672 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23763 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some more test suite cruft:Greg Hudson2010-02-282-21/+7
| | | | | | | | | | | | | * localhostname from get_hostname was unused. * database_name is no longer used except (misleadingly) in kdb5_util output. * admin_database_name and admin_database_lockfile are no longer used. * default_domain is only used for v4->v5 principal conversion, which isn't tested. * libkadm5's init-v2.exp had a copy of get_hostname; domain and localhostname from it were unused. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23759 dc483132-0cff-0310-8789-dd5450dbe970
* On Linux platforms, use -Wl,--enable-new-dtags when linking sharedGreg Hudson2010-02-271-2/+2
| | | | | | | | | libraries and programs using them. The primary effect is to get ld to set DT_RUNPATH in addition to DT_RPATH, which in turn allows the LD_LIBRARY_PATH environment variable to override the compiled-in runpath, which is friendlier to the test framework. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23758 dc483132-0cff-0310-8789-dd5450dbe970
* doc updates for allow_weak_cryptoTom Yu2010-02-251-0/+8
| | | | | | | | | | Update documentation to be more helpful about allow_weak_crypto. ticket: 6669 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23750 dc483132-0cff-0310-8789-dd5450dbe970
* Two problems in kadm5_get_principal mask handlingGreg Hudson2010-02-241-6/+8
| | | | | | | | | | | | KADM5_MOD_NAME was being applied to entry->principal instead of entry->mod_name. KADM5_MKVNO was not being applied to entry->mkvno. Patch from Marcus Watts <mdw@umich.edu>. ticket: 6668 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23749 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some more dejagnu test suite cruft:Greg Hudson2010-02-221-26/+0
| | | | | | | * check_date was only used by the application tests. * touch was never used. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23745 dc483132-0cff-0310-8789-dd5450dbe970
* Remove some unused cruft in the dejagnu test suite's default.exp:Greg Hudson2010-02-221-471/+3
| | | | | | | | | | | | | * RLOGIN, RLOGIN_FLAGS, ROOT_PROMPT, ROOT_SHELL, check_k5login, restore_kerberos_env, setup_root_shell, setup_root_shell_noremote, setup_wrapper: No longer used now that the applications are in a separate tree. * v4_compatible_enctype: No longer used with krb4 support gone. * tail1, krb_exit: Apparently never used. * KERBEROS_SERVER: Added long ago in r5686 and removed shortly after in r5695, but the test suite support for it never got excised. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23744 dc483132-0cff-0310-8789-dd5450dbe970
* Explain the current SPNEGO initiator/acceptor design in comments. NoGreg Hudson2010-02-221-11/+66
| | | | | | code changes. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23743 dc483132-0cff-0310-8789-dd5450dbe970
* Fix two unrelated problems in SPNEGO which don't crop up with the krb5Greg Hudson2010-02-221-10/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | mechanism. 1. The third call to spnego_init_accept_context uses faulty logic to determine if the exchange is complete, preventing a third mech token from being sent to the acceptor if no MIC exchange is required. Follow the logic used in the second call (in init_ctx_nego), which is correct. 2. If the acceptor selects a mech other than the optimistic mech, it sets sc->mic_reqd to 1 whether or not the selected mech supports MICs (which isn't known until the mech completes). Most code outside of handle_mic checks sc->mic_reqd along with (sc->ctx_flags & GSS_C_INTEG_FLAG), but the code in acc_ctx_call_acc neglected to do so, so it could improperly delegate responsibility for deciding when the negotiation was finished to handle_mic--which never gets called if (sc->ctx_flags & GSS_C_INTEG_FLAG) is false. Fix acc_ctx_call_acc to check sc->ctx_flags so that mechs which don't support integrity protection can complete if they are selected non-optimistically. ticket: 6603 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23742 dc483132-0cff-0310-8789-dd5450dbe970
* Use bswap16 and bswap32 on NetBSDKen Raeburn2010-02-201-2/+14
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23741 dc483132-0cff-0310-8789-dd5450dbe970
* Update dependenciesKen Raeburn2010-02-206-34/+55
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23740 dc483132-0cff-0310-8789-dd5450dbe970
* Move array decl from mixed within code down into the block where it'sKen Raeburn2010-02-201-8/+11
| | | | | | actually used, for C90 compliance. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23739 dc483132-0cff-0310-8789-dd5450dbe970
* Update export list for 2007 plugin interface changeKen Raeburn2010-02-201-2/+2
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23738 dc483132-0cff-0310-8789-dd5450dbe970
* Move array decl from mixed within code down into the block where it'sKen Raeburn2010-02-201-8/+11
| | | | | | actually used, for C90 compliance. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23737 dc483132-0cff-0310-8789-dd5450dbe970
* Make plugins/cksum_body more likely to build, and remove the empty srcGreg Hudson2010-02-191-2/+2
| | | | | | directory within. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23736 dc483132-0cff-0310-8789-dd5450dbe970
* The TGS code was not freeing authdata. This is an old leak which wasGreg Hudson2010-02-181-2/+3
| | | | | | | | | | | made more evident in 1.8 by the addition of ad-signedpath authdata appearing in most tickets issued through the TGS path. ticket: 6659 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23735 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cipher state chaining in OpenSSL back endGreg Hudson2010-02-183-61/+90
| | | | | | | | | | | | | | | | | | | | Make cipher state chaining work in the OpenSSL back end for des, des3, and arcfour enc providers. Subtleties: * DES and DES3 have checks to avoid clobbering ivec with uninitialized data if there is no data to encrypt. * Arcfour saves the OpenSSL cipher context across calls. To protect against a caller improperly copying the state (which happens to work with other enc providers), a loopback pointer is used, as in GSSAPI. * EVP_EncryptFinal_ex is unnecessary with stream ciphers and would interfere with cipher state chaining if it did anything, so just remove it. ticket: 6665 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23734 dc483132-0cff-0310-8789-dd5450dbe970
* Add display statements for the encrypted tokens generated by t_encryptGreg Hudson2010-02-171-0/+24
| | | | | | so that its output can be compared between different back ends. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23733 dc483132-0cff-0310-8789-dd5450dbe970
* validator.py is a tool to validate kerb configuration files. Zhanna Tsitkov2010-02-175-0/+378
| | | | | | | | | First, the configuration file is parsed (confparser.py) and validated against formating errors (such as mismatching brackets) Then the list of the allowed configuration attributes is compiled from k5-int.h and rules.yml Finally, the kerb configuration file is validated against the list of the allowed strings. If the error, or something that validator does not understand, is found the warning is issued in the tree-like form indicating the layer where the problem has occurred. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23732 dc483132-0cff-0310-8789-dd5450dbe970
* update mkrel to deal with changed source layoutTom Yu2010-02-161-2/+8
| | | | | | | | | | | Update mkrel so it deals somewhat better with removed src/lib/des425, NOTICES, etc. ticket: 6663 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23726 dc483132-0cff-0310-8789-dd5450dbe970
* MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of serviceTom Yu2010-02-163-1/+8
| | | | | | | | | | | | | Code introduced in krb5-1.7 can cause an assertion failure if a KDC-REQ is internally inconsistent, specifically if the ASN.1 tag doesn't match the msg_type field. Thanks to Emmanuel Bouillon (NATO C3 Agency) for discovering and reporting this vulnerability. ticket: 6662 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23724 dc483132-0cff-0310-8789-dd5450dbe970
* Remove another remnant of krb4Ken Raeburn2010-02-151-86/+0
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23723 dc483132-0cff-0310-8789-dd5450dbe970
* Clarify the SPNEGO NegHints code and plug two cases where half-createdGreg Hudson2010-02-131-25/+19
| | | | | | context could be leaked. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23722 dc483132-0cff-0310-8789-dd5450dbe970
* Simplify the SPNEGO neg_mechs intersection logic a bit usingGreg Hudson2010-02-121-7/+6
| | | | | | gss_test_oid_set_member. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23717 dc483132-0cff-0310-8789-dd5450dbe970
* Minimal support for updating history keyGreg Hudson2010-02-115-131/+113
| | | | | | | | | | | | | | | | | | Add minimal support for re-randomizing the history key: * cpw -randkey kadmin/history now works, but creates only one key. * cpw -randkey -keepold kadmin/history still fails. * libkadm5 no longer caches the history key. Performance impact is minimal since password changes are not common. * randkey no longer checks the newly randomized key against old keys, and the disabled code to do so in setkey/setv4key is gone, so now only kadm5_chpass_principal_3 accesses the password history. ticket: 6660 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23716 dc483132-0cff-0310-8789-dd5450dbe970
* Implement gss_set_neg_mechsGreg Hudson2010-02-1011-83/+570
| | | | | | | | | | | | | | | | | Implement gss_set_neg_mechs in SPNEGO by intersecting the provided mech set with the mechanisms available in the union credential. As we now need space to hold the mech set, the SPNEGO credential is now a structure and not just a mechglue credential. t_spnego.c is a test program which exercises the new logic. Like the other GSSAPI tests, it is not run as part of "make check" at this time. ticket: 6658 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23715 dc483132-0cff-0310-8789-dd5450dbe970
* Followon fixes to r23712:Greg Hudson2010-02-105-9/+14
| | | | | | | | | | | | | | | | * A few formatting fixes. * Fix unlikely leak in kdc_handle_protected_negotiation: if add_pa_data_element with copy == FALSE fails, it's still the caller's responsibility to free pa.contents. * Fix pre-existing (since r23465) leak of reply_encpart.enc_padata in process_as_req. * Call add_pa_data_element with copy == TRUE in return_referral_enc_padata since we are passing memory owned by the database entry. ticket: 6656 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23714 dc483132-0cff-0310-8789-dd5450dbe970
* krb5int_fast_free_state segfaults if state is nullSam Hartman2010-02-091-0/+2
| | | | | | | | | | | | | krb5int_fast_free_state fails if state is null. INstead it should simply return Reorganization of the get_init_creds logic has created situations where the init_creds loop can fail between the time when the context is initialized and the fast state is initialized. ticket: 6657 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23713 dc483132-0cff-0310-8789-dd5450dbe970
* enc_padata can include empty sequenceSam Hartman2010-02-095-84/+61
| | | | | | | | | | | | | | | | | There are two issues with return_enc_padata. 1) It often will return an empty sequence of enc_padata rather than not including the field 2) FAST negotiation is double supported in the referral tgs path and not supported in the non-referral path Rewrite the return_enc_padata logic to: * Split out referral interactions with kdb into its own function * Use add_pa_data_element ticket: 6656 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23712 dc483132-0cff-0310-8789-dd5450dbe970
* Consistently place $(LDFLAGS) after $(SHLIB_EXPFLAGS) when buildingGreg Hudson2010-02-051-13/+12
| | | | | | | | | | | | | shared libraries. Previously we sometimes failing to use $(LDFLAGS) at all, and at other times were putting it before $(SHLIB_EXPFLAGS) where it could pick up tree-internal libraries from outside the build tree. ticket: 6643 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23699 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to handle the case where a mechanismTom Yu2010-02-051-2/+10
| | | | | | | | | | | implements set_cred_option but does not implement the requested option. ticket: 6601 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23698 dc483132-0cff-0310-8789-dd5450dbe970
* Fix cross-realm handling of AD-SIGNEDPATHGreg Hudson2010-02-053-7/+19
| | | | | | | | | | | | | | | Avoid setting AD-SIGNEDPATH when returning a cross-realm TGT. Previously we were avoiding it when answering a cross-realm client, which was wrong. Don't fail out on an invalid AD-SIGNEDPATH checksum; just don't trust the ticket for S4U2Proxy (as if AD-SIGNEDPATH weren't present). ticket: 6655 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23697 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to avoid segfault if a mechTom Yu2010-02-051-0/+5
| | | | | | | | | | gss_inquire_context returns GSS_C_NO_NAME for the target name. ticket: 6600 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23696 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to return a comparable static OID objectTom Yu2010-02-051-0/+3
| | | | | | | | | | | instead of the application-passed (probably dynamically allocated) OID, to avoid use-after-free problems. ticket: 6598 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23695 dc483132-0cff-0310-8789-dd5450dbe970
* Fix greet_server buildGreg Hudson2010-02-031-1/+1
| | | | | | | | | | Fix the export list for the greet_server plugin. ticket: 6654 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23694 dc483132-0cff-0310-8789-dd5450dbe970
* Clean up error handling in krb5int_make_tgs_request_ext, closing someGreg Hudson2010-02-021-60/+41
| | | | | | unlikely memory leaks. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23682 dc483132-0cff-0310-8789-dd5450dbe970
* set_default_enctype_var should filter not reject weak enctypesTom Yu2010-02-012-32/+105
| | | | | | | | | | | | | | | | | | With allow_weak_crypto=false, set_default_enctype_var() (helper function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any application-provided enctype list that contained any weak enctype even when valid strong enctypes were present. This broke some Samba things. Filter the weak enctypes instead. Add test cases. Reported to Debian by Holger Isenberg. (Debian bug #566977) http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977 Thanks to Simo Sorce for testing. ticket: 6653 tags: pullup target_version: 1.8 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23681 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the DAL documentation ofGreg Hudson2010-02-011-5/+9
| | | | | | | KRB5_KDB_METHOD_CHECK_ALLOWED_TO_DELEGATE; proxy is the target service, not the delegating service. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23680 dc483132-0cff-0310-8789-dd5450dbe970
* Fix minor error-handling bug in r23676Greg Hudson2010-01-311-1/+1
| | | | | | ticket: 6650 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23679 dc483132-0cff-0310-8789-dd5450dbe970
* Correct the DAL documentation for how modules should handle referralsGreg Hudson2010-01-291-17/+29
| | | | git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23678 dc483132-0cff-0310-8789-dd5450dbe970
* Make decryption of master key list more robustGreg Hudson2010-01-291-37/+13
| | | | | | | | | | | | | | | | | krb5_def_fetch_mkey_list was incorrectly filtering mkey_aux entries when searching the list for an entry which can be decrypted with the stashed master key. This bug was masked in most cases by the mkvno heuristic. Remove the mkvno heuristic, since performance is not an issue for this rarely-performed operation, and remove the incorrect enctype comparison in the brute-force search. ticket: 6652 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23677 dc483132-0cff-0310-8789-dd5450dbe970
* Handle migration from pre-1.7 databases with master key kvno != 1Greg Hudson2010-01-285-5/+53
| | | | | | | | | | | | | | | | | | | | krb5_dbe_lookup_mkvno assumes an mkvno of 1 for entries with no explicit tl_data. We've seen at least one pre-1.7 KDB with a master kvno of 0, violating this assumption. Fix this as follows: * krb5_dbe_lookup_mkvno outputs 0 instead of 1 if no tl_data exists. * A new function krb5_dbe_get_mkvno translates this 0 value to the minimum version number in the mkey_list. (krb5_dbe_lookup_mkvno cannot do this as it doesn't take the mkey_list as a parameter.) * Call sites to krb5_dbe_lookup_mkvno are converted to krb5_dbe_get_mkvno, except for an LDAP case where it is acceptable to store 0 if the mkvno is unknown. ticket: 6650 target_version: 1.7.1 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23676 dc483132-0cff-0310-8789-dd5450dbe970
* Update the LDAP dependencies for r23674Greg Hudson2010-01-272-132/+161
| | | | | | ticket: 6649 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23675 dc483132-0cff-0310-8789-dd5450dbe970
* Get rid of kdb_ext.h and allow out-of-tree KDB pluginsGreg Hudson2010-01-2714-285/+281
| | | | | | | | | | | | | Move the contents of kdb_ext.h into kdb.h, since there is no meaningful "extensions" category of DB interfaces now that this stuff is in our tree. Allows out-of-tree KDB plugins to be built since we install kdb.h. ticket: 6649 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23674 dc483132-0cff-0310-8789-dd5450dbe970
* define MIN() in lib/gssapi/krb5/prf.cTom Yu2010-01-261-0/+4
| | | | | | | | | | | | Apply patch from Doug Engert to define MIN(), which was causing prf.c to fail compilation on Solaris. (The definition was probably leaking from sys/param.h, included indirectly somehow.) ticket: 6648 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23673 dc483132-0cff-0310-8789-dd5450dbe970
* Apply patch from Arlene Berry to plug a memory leakTom Yu2010-01-261-1/+3
| | | | | | | | ticket: 6599 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23672 dc483132-0cff-0310-8789-dd5450dbe970
* In the DAL comments, document KRB5_KDB_INCLUDE_PAC, and correct theGreg Hudson2010-01-251-7/+14
| | | | | | | documentation of the S4U flags to indicate that they affect PAC generation. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23667 dc483132-0cff-0310-8789-dd5450dbe970
* Document the DAL interface in comments, as an aid to moduleGreg Hudson2010-01-251-184/+546
| | | | | | implementors. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23666 dc483132-0cff-0310-8789-dd5450dbe970
* Add krb5_allow_weak_crypto APIGreg Hudson2010-01-194-0/+45
| | | | | | | | | | | | Add an API to allow apps to override the profile setting of allow_weak_crypto, so that aklog can work with krb5 1.8 out of the box until OpenAFS finishes migrating away from DES. ticket: 6645 target_version: 1.8 tags: pullup git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23663 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit (git 2.34.1) at 2025-10-05 14:01:51 +0000