Tom Yu [Thu, 8 Mar 2012 17:34:15 +0000 (17:34 +0000)]
Ian Abbott reported the bug where krb5_gss_get_name_attribute fails to
set display_value.
ticket: 7087
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25754
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 8 Mar 2012 17:34:12 +0000 (17:34 +0000)]
Mark Davies reported the password expiry message bug
ticket: 7098
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25753
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 8 Mar 2012 17:34:08 +0000 (17:34 +0000)]
Adam Bernstein reported this bug and helped with analysis
ticket: 7092
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25752
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 7 Mar 2012 23:44:36 +0000 (23:44 +0000)]
Pull up r25730 from trunk
------------------------------------------------------------------------
r25730 | ghudson | 2012-03-05 12:35:14 -0500 (Mon, 05 Mar 2012) | 15 lines
ticket: 7098
subject: Fix spurious password expiry warning
target_version: 1.9.4
tags: pullup
r24241 (#6755) introduced a bug where if the KDC sends a LastReq entry
containing an account expiry time, we send a prompter warning for
password expiry even if there was no entry containing a password
expiry time. Typically, this results in the message "Warning: Your
password will expire in less than one hour on Thu Jan 1 12:00:00
1970".
Fix this by explicitly checking for pw_exp == 0 in warn_pw_expiry()
after we've gotten past the conditional for invoking the callback.
ticket: 7098
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25741
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 7 Mar 2012 23:44:32 +0000 (23:44 +0000)]
Pull up r25723 from trunk
------------------------------------------------------------------------
r25723 | ghudson | 2012-03-01 15:49:17 -0500 (Thu, 01 Mar 2012) | 16 lines
ticket: 7096
subject: Fix KDB iteration when callback does write calls
target_version: 1.10.1
tags: pullup
kdb_db2's ctx_iterate makes an convenience alias to dbc->db in order
to call more invoke call the DB's seq method. This alias may become
invalidated if the callback writes to the DB, since ctx_lock() may
re-open the DB in order to acquire a write lock. Fix the bug by
getting rid of the convenience alias.
Most KDB iteration operations in the code base do not write to the DB,
but kdb5_util update_princ_encryption does.
Bug discovered and diagnosed by will.fiveash@oracle.com.
ticket: 7096
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25740
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 7 Mar 2012 23:44:28 +0000 (23:44 +0000)]
Pull up r25725 from trunk, along with backport of r25703
------------------------------------------------------------------------
r25725 | tlyu | 2012-03-02 17:24:38 -0500 (Fri, 02 Mar 2012) | 4 lines
ticket: 7092
Add test cases for Windows RODC kvno compatibility
------------------------------------------------------------------------
r25703 | ghudson | 2012-02-21 13:57:44 -0500 (Tue, 21 Feb 2012) | 15 lines
ticket: 7092
subject: kvno ASN.1 encoding interop with Windows RODCs
RFC 4120 defines the EncryptedData kvno field as an integer in the
range of unsigned 32-bit numbers. Windows encodes and decodes the
field as a signed 32-bit integer. Historically we do the same in our
encoder in 1.6 and prior, and in our decoder through 1.10. (Actually,
our decoder through 1.10 decoded the value as a long and then cast the
result to unsigned int, so it would accept positive values >= 2^31 on
64-bit platforms but not on 32-bit platforms.)
kvno values that large (or negative) are only likely to appear in the
context of Windows read-only domain controllers. So do what Windows
does instead of what RFC 4120 says.
ticket: 7092
status: resolved
version_fixed: 1.10.1
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25739
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 7 Mar 2012 23:44:20 +0000 (23:44 +0000)]
Pull up r25716 from trunk
------------------------------------------------------------------------
r25716 | tlyu | 2012-02-27 13:31:50 -0500 (Mon, 27 Feb 2012) | 6 lines
ticket: 7074
target_version: 1.10.1
tags: pullup
Patch from Richard Basch to work around Solaris 8 lacking isblank().
ticket: 7074
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25738
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 22 Feb 2012 04:11:56 +0000 (04:11 +0000)]
Pull up r25704 from trunk
------------------------------------------------------------------------
r25704 | ghudson | 2012-02-21 14:14:47 -0500 (Tue, 21 Feb 2012) | 15 lines
ticket: 7093
subject: Access controls for string RPCs [CVE-2012-1012]
target_version: 1.10.1
tags: pullup
In the kadmin protocol, make the access controls for
get_strings/set_string mirror those of get_principal/modify_principal.
Previously, anyone with global list privileges could get or modify
string attributes on any principal. The impact of this depends on how
generous the kadmind acl is with list permission and whether string
attributes are used in a deployment (nothing in the core code uses
them yet).
CVSSv2 vector: AV:N/AC:M/Au:S/C:P/I:P/A:N/E:H/RL:O/RC:C
ticket: 7093
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25709
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 22 Feb 2012 04:11:51 +0000 (04:11 +0000)]
Pull up r25700 from trunk
------------------------------------------------------------------------
r25700 | ghudson | 2012-02-14 13:26:50 -0500 (Tue, 14 Feb 2012) | 9 lines
ticket: 7089
subject: Initialize gss_get_name_attribute output buffers
target_version: 1.10.1
tags: pullup
GSS functions which accept gss_buffer_t output arguments should
initialize those buffers to empty on startup (see gss_wrap, for
instance). Do so for gss_get_name_attribute in the mechglue.
ticket: 7089
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25708
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 22 Feb 2012 04:11:45 +0000 (04:11 +0000)]
Pull up r25674 from trunk
------------------------------------------------------------------------
r25674 | ghudson | 2012-02-06 18:19:08 -0500 (Mon, 06 Feb 2012) | 18 lines
ticket: 7087
status: open
target_version: 1.10.1
tags: pullup
Set display_value in krb5_gss_get_name_attribute
A backwards conditional in r25358 caused krb5_gss_get_name_attribute
not to set display_value on success. Fix the sense of the
conditional.
We still don't quite correctly handle the cases where data_to_gss()
fails, but those should be rare and the problem in those cases isn't
severe, so it can be fixed separately.
Also, value and display_value should probably be initialized to null
buffers on failure, as is common with GSS interfaces.
ticket: 7087
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25707
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 10 Feb 2012 21:19:13 +0000 (21:19 +0000)]
Pull up r25679 from trunk
------------------------------------------------------------------------
r25679 | ghudson | 2012-02-07 10:45:59 -0500 (Tue, 07 Feb 2012) | 9 lines
ticket: 7088
subject: Fix uninitialized variable warning in trval.c
target_version: 1.10.1
tags: pullup
gcc -O3 is agressive enough to detect that do_cons() doesn't always
set the value of rlen2, so trval2() gets a maybe-uninitialized
warning. Squash it by initializing rlen2.
ticket: 7088
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25683
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 10 Feb 2012 21:19:10 +0000 (21:19 +0000)]
Pull up r25666 from trunk
------------------------------------------------------------------------
r25666 | ghudson | 2012-01-31 16:35:34 -0500 (Tue, 31 Jan 2012) | 12 lines
ticket: 7084
subject: Don't check mech in krb5_gss_inquire_cred_by_mech
target_version: 1.10.1
tags: pullup
krb5_gss_inquire_cred_by_mech checks its mech argument against two of
the four mechs a krb5 cred might have (the krb5 mech and the old krb5
mech, but not the wrong Microsoft mech or the IAKERB mech), so would
spuriously fail for the other two mechs. There is no reason to check
the mechanism if we assume a reasonable mechglue is interpreting
application gss_inquire_cred_by_mech calls, so just remove the check.
ticket: 7084
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25682
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 10 Feb 2012 21:19:07 +0000 (21:19 +0000)]
Pull up r25660 from trunk
------------------------------------------------------------------------
r25660 | ghudson | 2012-01-26 16:56:16 -0500 (Thu, 26 Jan 2012) | 22 lines
ticket: 7082
subject: Various lookaside cache fixes
target_version: 1.10
tags: pullup
Don't touch the lookaside cache if we're responding with a lookaside
cache entry. Also, leave the null entry behind if we're deliberately
dropping a request (a rare case) so that we don't have to process it
again. Fixes several lookaside problems in 1.10:
* When dropping a request because it was already being processed, we
were erroneously removing the null entry, causing us to process the
request again upon a second retransmit.
* When responding to a finished request with a lookaside entry, we
were removing and re-adding the entry to the cache, resetting its
time and performing unnecessary work.
* We were not caching responses we couldn't deliver because they were
too big for UDP, causing us to re-process the request when it came
in again via TCP instead of simply delivering the cached response.
ticket: 7082
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25681
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 10 Feb 2012 21:19:01 +0000 (21:19 +0000)]
Pull up r25659 from trunk
------------------------------------------------------------------------
r25659 | ghudson | 2012-01-26 12:01:05 -0500 (Thu, 26 Jan 2012) | 10 lines
ticket: 7081
subject: Don't use stack variable address in as_req state
target_version: 1.10
tags: pullup
The KDC's process_as_req was storing the address of a stack variable
(client_princ), which fails if the request is not immediately
serviced. Move that variable to the state structure so its address
remains valid for the lifetime of the request.
ticket: 7081
version_fixed: 1.10.1
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25680
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 27 Jan 2012 20:16:21 +0000 (20:16 +0000)]
krb5-1.10-postrelease
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25664
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 27 Jan 2012 19:42:58 +0000 (19:42 +0000)]
README and patchlevel.h for krb5-1.10
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25662
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 18 Jan 2012 16:37:02 +0000 (16:37 +0000)]
Use INSTALL_DATA to install message catalogues
Pull up r25492 from trunk
------------------------------------------------------------------------
r25492 | hartmans | 2011-11-29 16:22:26 -0500 (Tue, 29 Nov 2011) | 4 lines
ticket: new target_version: 1.10 tags: pullup subject: Use INSTALL_DATA to install message catalogues
Use INSTALL_DATA to avoid marking .mo files executable
ticket: 7078
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25656
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 18 Jan 2012 16:36:57 +0000 (16:36 +0000)]
LIBS should not include PKINIT_CRYPTO_IMPL_LIBS
Pull up r25491 from trunk
------------------------------------------------------------------------
r25491 | hartmans | 2011-11-29 16:22:21 -0500 (Tue, 29 Nov 2011) | 6 lines
ticket: new Subject: LIBS should not include PKINIT_CRYPTO_IMPL_LIBS tags: pullup target_version: 1.10
AC_CHECK_LIB should put -lcrypto in PKINIT_CRYPTO_IMPL_LIBS not LIBS
for pkinit. A similar problem exists for crypto_impl and is not
addressed by this patch.
ticket: 7077
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25655
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 11 Jan 2012 23:46:42 +0000 (23:46 +0000)]
krb5-1.10-beta1-postrelease
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25647
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 11 Jan 2012 23:32:56 +0000 (23:32 +0000)]
README and patchlevel.h for krb5-1.10-beta1
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25645
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 11 Jan 2012 03:59:22 +0000 (03:59 +0000)]
Pull up r25584 from trunk
------------------------------------------------------------------------
r25584 | ghudson | 2011-12-12 19:53:56 -0500 (Mon, 12 Dec 2011) | 9 lines
ticket: 7051
subject: krb5_server_decrypt_ticket_keytab wrongly succeeds
If krb5_server_decrypt_ticket_keytab doesn't find a key of the
appropriate enctype in an iterable keytab, it returns 0 (without
decrypting the ticket) due to a misplaced initialization of retval.
This bug causes kinit -k to claim "keytab entry valid" when it
shouldn't. Reported by mark@mproehl.net.
ticket: 7051
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25641
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 10 Jan 2012 21:36:47 +0000 (21:36 +0000)]
Pull up r25605 from trunk
------------------------------------------------------------------------
r25605 | ghudson | 2011-12-27 20:31:59 -0500 (Tue, 27 Dec 2011) | 7 lines
ticket: 7057
Fix implicit declaration in ksu for some builds
ksu's setenv implementation needs to include <string.h> for memcpy.
Patch from basch@alum.mit.edu.
ticket: 7057
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25639
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 10 Jan 2012 17:52:37 +0000 (17:52 +0000)]
Pull up r25633 from trunk
------------------------------------------------------------------------
r25633 | tlyu | 2012-01-09 23:23:56 -0500 (Mon, 09 Jan 2012) | 8 lines
ticket: 7067
subject: documentation license to CC-BY-SA 3.0 Unported
target_version: 1.10
tags: pullup
Update documentation license to Creative Commons
Attribution-ShareAlike 3.0 Unported.
ticket: 7067
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25637
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 10 Jan 2012 17:43:23 +0000 (17:43 +0000)]
Pull up r25631 from trunk
------------------------------------------------------------------------
r25631 | tlyu | 2012-01-09 16:35:30 -0500 (Mon, 09 Jan 2012) | 7 lines
ticket: 7065
subject: delete duplicate NOTICE file
status: open
Delete the duplicate NOTICE file, as it is checked into the tree and
relative include paths work for sphinx.
ticket: 7065
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25636
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jan 2012 21:23:48 +0000 (21:23 +0000)]
Pull up r25621 from trunk
------------------------------------------------------------------------
r25621 | ghudson | 2012-01-07 15:57:36 -0500 (Sat, 07 Jan 2012) | 9 lines
ticket: 7060
subject: Convert securid module edata method
target_version: 1.10
tags: pullup
r25348 made modified the edata method of the kdcpreauth interface to
be async-capable, but neglected to convert the securid_sam2 module's
edata function. Do that now.
ticket: 7060
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25630
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jan 2012 21:23:46 +0000 (21:23 +0000)]
Pull up r25598 from trunk
------------------------------------------------------------------------
r25598 | ghudson | 2011-12-20 13:08:07 -0500 (Tue, 20 Dec 2011) | 7 lines
Table of Contents.hhc -> Table_of_Contents.hhc
Avoid using spaces in filenames as it makes searching the source
tree less convenient on Unix.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7055
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25629
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jan 2012 21:23:43 +0000 (21:23 +0000)]
Pull up r25591, r25604 from trunk
------------------------------------------------------------------------
r25604 | ghudson | 2011-12-27 01:39:07 -0500 (Tue, 27 Dec 2011) | 4 lines
ticket: 6936
Fix an unlikely memory leak in r25591
------------------------------------------------------------------------
r25591 | ghudson | 2011-12-16 18:19:01 -0500 (Fri, 16 Dec 2011) | 14 lines
ticket: 6936
target_version: 1.10
tags: pullup
Do mech fallback for first SPNEGO context token
When producing the first SPNEGO security context token, if the first
mechanism's init_sec_context fails, fall back to a later mechanism.
This fixes a regression in 1.10 for SPNEGO initiators using non-krb5
credentials. The identity selection work causes errors to be deferred
from krb5's acquire_cred in some cases, which means SPNEGO doesn't see
an error until it tries the krb5 init_sec_context.
ticket: 6936
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25628
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 9 Jan 2012 21:23:40 +0000 (21:23 +0000)]
Pull up r25590 from trunk
------------------------------------------------------------------------
r25590 | ghudson | 2011-12-16 18:18:54 -0500 (Fri, 16 Dec 2011) | 11 lines
ticket: 7053
subject: Verify acceptor's mech in SPNEGO initiator
target_version: 1.10
tags: pullup
In spnego_gss_ctx_id_rec, store the set of negotiable mechanisms as
well as the currently selected internal_mech, which becomes an alias
into mech_set. In init_ctx_reselect, locate the acceptor's counter-
proposal in sc->mech_set and consider the token defective if it is not
found.
ticket: 7053
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25627
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 22 Dec 2011 21:27:16 +0000 (21:27 +0000)]
Update acknowledgments and some summary info
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25603
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 20 Dec 2011 04:01:28 +0000 (04:01 +0000)]
krb5-1.10-alpha2-postrelease
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25597
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 19 Dec 2011 21:21:58 +0000 (21:21 +0000)]
README and patchlevel.h for krb5-1.10-alpha2
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25595
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 14 Dec 2011 23:32:41 +0000 (23:32 +0000)]
pull up r25536 from trunk
------------------------------------------------------------------------
r25536 | ghudson | 2011-12-09 12:57:52 -0500 (Fri, 09 Dec 2011) | 8 lines
ticket: 7049
subject: Fix subkey memory leak in krb5_get_credentials
target_version: 1.10
tags: pullup
If a get_credentials operation requires multiple TGS requests, we need
to free the subkey from previous requests before saving a new one.
ticket: 7049
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25586
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 14 Dec 2011 00:07:54 +0000 (00:07 +0000)]
Squash commits for KfW updates
windows ccapiserver: replace Sleep with event wait
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
fix warning in test_cc_credentials_iterator_next.c
include test_ccapi_iterators.h for check_cc_credentials_iterator_next
Make ccapiserver exit if its receiveloop thread terminates for any reason.
This happens, for example, when the rpc endpoint is already registered
by another ccapiserver process. There's no reason to leave a zombie
process running that can't receive messages.
windows ccapi: launch server without console by default.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
windows ccapi: use a random challenge to authenticate ccapiserver.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
LeashView.cpp: only specify TVIF_TEXT if there is actually text.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: add runtime.wxi WIXINCLUDES in Makefile to fix dependencies.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
Windows leash64 fixes: use proper names for leash and krb5 dlls
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
Windows leash fixes: 'make install' installs leash exes.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: use MSVC 2010 merge modules
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: install leash32.exe
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: clean out unused #defines from Lglobals.h
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: use correct message id to obtain tgt from leash
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: update copyright notice in license.rtf
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: install xpprof32
TODO: xpprof64!
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: purge support for old compilers
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: don't build installer into installer
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: make leash ignore credentials that store config principals.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fix: make Leash_kdestroy() actually destroy k5 tickets
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fix: Add custom "Password incorrect" message to Leash_int_kinit_ex()
Overrides obscure KRB5KRB_AP_ERR_BAD_INTEGRITY message.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: define USE_MESSAGE_BOX in leashdll code for user feedback.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: krb5_get_init_creds_opt_init->krb5_get_init_creds_opt_alloc
Should enable leash to generate config credentials (needs verification!)
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fix: int -> size_t to fix warning in krb5routines.c
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fix: restructure low ticket warning popup code to workaround mfc bug
mfc bug causes assertions when dialog is generated from
within PreTranslateMessages() (MSG input param points to a global
variable which is corrupted in the dialog message loop). So we need
to instead PostMessage() to cause the popup later.
Also fixed logic to cause warning dialog to actually be modal as intended
when the leash window is not minimized.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: fix _snprintf usage; use full error code in leash_error_message
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw fixes: ccapiserver only quits after all clients detach.
Not sure if this is really a good idea or not...
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: generate manifests
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: generate leash shortcuts (desktop and start menu)
...also install xpprof64
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: fix 'K5_ORIGINAL_NAME' for 64 bit dlls.
...still need to actually to define _WIN64 for rc.exe though
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: purge bufferoverflowu from custom.dll
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: rename leash32/64.exe to simply leash.exe
Also install leash.exe in 64 bit installer.
Split cci_thread_init into per-process and per-thread portions
Call the per-thread code on thread attach and per-process once per
process. Previously, while the function was named 'thread', it was
only actually called once per process. Currently, the per-thread
code does nothing on non-windows platforms and is not even actually
invoked.
Fixes a windows bug when multiple non-main threads try to use ccapi
at the same time.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw leash: add -console option to create console for debug output
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: use _WIN64 names where appropriate
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw leash: bracket krb.con code with #ifndef NO_KRB4
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: install krb5.ini to CommonAppDataFolder, not WindowsFolder
...but only if there isn't already a krb5.ini in the WindowsFolder.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: "make install" also installs pdbs
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: leash32.pdb->leash.pdb
kfw installer: add site-local.wxi
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: leash htmlhelp file source
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: use html help in leash
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: "make install" installs htmlhelp (leash.chm)
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw installer: install leash help file (leash.chm)
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw: remove line breaks from html to fix table of contents generation
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw leash help: fix/add aliases for command help
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
kfw leash: fix bad data in get tickets dialog when -autoinit specified
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25585
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Wed, 7 Dec 2011 05:26:47 +0000 (05:26 +0000)]
Make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25528
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 6 Dec 2011 20:52:18 +0000 (20:52 +0000)]
pull up r25525 from trunk
------------------------------------------------------------------------
r25525 | tlyu | 2011-12-06 15:42:46 -0500 (Tue, 06 Dec 2011) | 8 lines
ticket: 7042
subject: SA-2011-007 KDC null pointer deref in TGS handling [CVE-2011-1530]
target_version: 1.10
tags: pullup
Fix a null pointer dereference condition that could cause a denial of
service.
ticket: 7042
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25526
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Tue, 6 Dec 2011 00:07:11 +0000 (00:07 +0000)]
pull up r25504 from trunk
------------------------------------------------------------------------
r25504 | ghudson | 2011-12-04 17:38:36 -0500 (Sun, 04 Dec 2011) | 20 lines
ticket: 7033
target_version: 1.10
tags: pullup
Set a default enctype for optimistic preauth
When the client application requests optimistic preauth for a preauth
type which uses the password, we don't have an etype-info2 to
interpret since we haven't talked to the KDC. So we need to guess an
enctype, salt, and s2k parameters. In 1.9 and prior, encrypted
timestamp contained code to use the first requested enctype in this
case, but encrypted challenge did not. In 1.10 prior to this change,
neither mechanism uses a reasonable default.
Set a default enctype in krb5_init_creds_init so that all
password-based preauth mechanisms will use a reasonable default in the
optimistic preauth case. The default salt and s2k parameters for this
case will be the principal-based default salt and the enctype-based
default parameters.
ticket: 7033
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25524
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:31 +0000 (23:43 +0000)]
pull up r25500 from trunk
------------------------------------------------------------------------
r25500 | hartmans | 2011-12-02 14:42:12 -0500 (Fri, 02 Dec 2011) | 7 lines
ticket: 7038
subject: Added support for loading of Krb5.ini from Windows APPDATA
target_version: 1.10
tags: pullup
Signed-off-by: Alexey Melnikov <aamelnikov@gmail.com>
ticket: 7038
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25523
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:28 +0000 (23:43 +0000)]
pull up r25499 from trunk
------------------------------------------------------------------------
r25499 | hartmans | 2011-12-02 14:20:54 -0500 (Fri, 02 Dec 2011) | 7 lines
ticket: 7037
subject: Use LsaDeregisterLogonProcess(), not CloseHandle()
target_version: 1.10
tags: pullup
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7037
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25522
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:25 +0000 (23:43 +0000)]
pull up r25498 from trunk
------------------------------------------------------------------------
r25498 | hartmans | 2011-12-02 13:52:22 -0500 (Fri, 02 Dec 2011) | 8 lines
ticket: 7036
subject: Fix free ofuninitialized memory in sname_to_princ
tags: pullup
Target_Version: 1.10
Fix free of uninitialized memory in error case introduced in 1.10
development cycle.
ticket: 7036
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25521
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:23 +0000 (23:43 +0000)]
pull up r25497 from trunk
------------------------------------------------------------------------
r25497 | hartmans | 2011-12-02 13:52:19 -0500 (Fri, 02 Dec 2011) | 7 lines
ticket: 7035
subject: krb5_lcc_store() now ignores config credentials
target_version: 1.10
tags: pullup
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7035
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25520
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:17 +0000 (23:43 +0000)]
pull up r25496 from trunk
------------------------------------------------------------------------
r25496 | hartmans | 2011-12-02 13:52:12 -0500 (Fri, 02 Dec 2011) | 11 lines
ticket: 7034
subject: mk_cred: memory management
target_version: 1.10
tags: pullup
Fix for mk_cred.c: calloc() not malloc()
Avoid calling free() in cleanup on uninitialized sub-ptrs if error occurs.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7034
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25519
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:14 +0000 (23:43 +0000)]
pull up r25494 from trunk
------------------------------------------------------------------------
r25494 | hartmans | 2011-11-29 18:11:13 -0500 (Tue, 29 Nov 2011) | 7 lines
ticket: 7030
subject: Ldap dependency for parallel builds
tags: pullup
target_version: 1.10
The ldap plugin needs to declare a dependency on the ldap library
ticket: 7030
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25518
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:43:11 +0000 (23:43 +0000)]
pull up r25493 from trunk
------------------------------------------------------------------------
r25493 | ghudson | 2011-11-29 17:49:56 -0500 (Tue, 29 Nov 2011) | 9 lines
ticket: 7029
subject: Fix --with-system-verto without pkg-config
target_version: 1.10
tags: pullup
If we're using the system verto and pkg-config isn't found but
libverto is, set VERTO_LIBS to just -lverto as there won't be a k5ev
module.
ticket: 7029
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25517
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:12:03 +0000 (23:12 +0000)]
pull up r25486 from trunk
------------------------------------------------------------------------
r25486 | hartmans | 2011-11-22 20:00:27 -0500 (Tue, 22 Nov 2011) | 14 lines
ticket: new
subject: FAST PKINIT
target_version: 1.10
tags: pullup
Per RFC 6113 fast should use the inner request body for the pkinit
checksum. We did that on the KDC; now do so on the client. Remove
code that explicitly blocked pkinit under FAST.
Also, use the reply key *before* the strengthen key is applied when
verifying the PADATA_PKINIT_KX.
Add FAST pkinit test.
ticket: 7027
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25516
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 23:11:57 +0000 (23:11 +0000)]
pull up r25483 and r25484 from trunk
------------------------------------------------------------------------
r25484 | ghudson | 2011-11-22 12:48:29 -0500 (Tue, 22 Nov 2011) | 7 lines
ticket: 7023
Fix compile error in previous change
A last-minute code editing mistake crept into the previous commit; fix
it.
------------------------------------------------------------------------
r25483 | ghudson | 2011-11-21 16:14:39 -0500 (Mon, 21 Nov 2011) | 21 lines
ticket: 7023
subject: Clean up client-side preauth error data handling
target_version: 1.10
tags: pullup
Change the clpreauth tryagain method to accept a list of pa-data,
taken either from the FAST response or from decoding the e_data as
either pa-data or typed-data. Also change the in_padata argument to
contain just the type of the request padata rather than the whole
element, since modules generally shouldn't care about the contents of
their request padata (or they can remember it).
In krb5int_fast_process_error, no longer re-encode FAST pa-data as
typed-data for the inner error e_data, but decode traditional error
e_data for all error types, and try both pa-data and typed-data
encoding.
In PKINIT, try all elements of the new pa-data list, since it may
contain FAST elements as well as the actual PKINIT array. (Fixes an
outstanding bug in FAST PKINIT.)
ticket: 7023
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25515
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 20:53:52 +0000 (20:53 +0000)]
pull up r25480 from trunk
------------------------------------------------------------------------
r25480 | ghudson | 2011-11-20 00:19:45 -0500 (Sun, 20 Nov 2011) | 13 lines
ticket: 7021
subject: Fix failure interval of 0 in LDAP lockout code
target_version: 1.10
tags: pullup
A failure count interval of 0 caused krb5_ldap_lockout_check_policy to
pass the lockout check (but didn't cause a reset of the failure count
in krb5_ldap_lockout_audit). It should be treated as forever, as in
the DB2 back end.
This bug is the previously unknown cause of the assertion failure
fixed in CVE-2011-1528.
ticket: 7021
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25512
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 20:32:57 +0000 (20:32 +0000)]
pull up r25482 from trunk
------------------------------------------------------------------------
r25482 | ghudson | 2011-11-21 12:30:41 -0500 (Mon, 21 Nov 2011) | 10 lines
ticket: 7020
target_version: 1.10
tags: pullup
Recognize IAKERB mech in krb5_gss_display_status
Minor status codes were not displaying properly when originated from
the IAKERB mech, because of a safety check on mech_type. From Ralf
Haferkamp <rhafer@suse.de>.
ticket: 7020
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25511
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 20:16:05 +0000 (20:16 +0000)]
pull up r25475 and r25479 from trunk
------------------------------------------------------------------------
r25479 | ghudson | 2011-11-19 17:06:15 -0500 (Sat, 19 Nov 2011) | 8 lines
ticket: 7019
Improve documentation in preauth_plugin.h
Also declare the verto_context structure to ensure that it is has the
proper scope when used as the return type of the event_context
callback.
------------------------------------------------------------------------
r25475 | ghudson | 2011-11-14 21:42:58 -0500 (Mon, 14 Nov 2011) | 9 lines
ticket: 7019
subject: Make verto context available to kdcpreauth modules
target_version: 1.10
tags: pullup
Add an event_context callback to kdcpreauth. Adjust the internal KDC
and main loop interfaces to pass around the event context, and expose
it to kdcpreauth modules via the rock.
ticket: 7019
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25510
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 19:44:11 +0000 (19:44 +0000)]
pull up r25474 from trunk
------------------------------------------------------------------------
r25474 | ghudson | 2011-11-14 20:59:01 -0500 (Mon, 14 Nov 2011) | 10 lines
ticket: 7018
subject: Update verto to 0.2.2 release
target_version: 1.10
tags: pullup
Update verto sources to 0.2.2 release versions. verto_reinitialize()
now has a return value; check it in kdc/main.c. Store verto-libev.c
alongside verto-k5ev.c to make it easy to diff corresponding versions
when updating.
ticket: 7018
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25509
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 19:44:05 +0000 (19:44 +0000)]
pull up r25473 from trunk
------------------------------------------------------------------------
r25473 | ghudson | 2011-11-14 16:45:33 -0500 (Mon, 14 Nov 2011) | 16 lines
ticket: 7017
subject: Simplify and fix kdcpreauth request_body callback
target_version: 1.10
tags: pullup
Alter the contract for the kdcpreauth request_body callback so that it
returns an alias to the encoded body instead of a fresh copy. At the
beginning of AS request processing, save a copy of the encoded request
body, or the encoded inner request body for FAST requests. Previously
the request_body callback would re-encode the request structure, which
in some cases has been modified by the AS request code.
No kdcpreauth modules currently use the request_body callback, but
PKINIT will need to start using it in order to handle FAST requests
correctly.
ticket: 7017
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25508
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 5 Dec 2011 19:01:49 +0000 (19:01 +0000)]
Handle TGS referrals to the same realm
pull up r25472 from trunk
------------------------------------------------------------------------
r25472 | ghudson | 2011-11-14 13:02:52 -0500 (Mon, 14 Nov 2011) | 12 lines
ticket: 7016
subject: Handle TGS referrals to the same realm
target_version: 1.9.3
tags: pullup
krb5 1.6 through 1.8 contained a workaround for the Active Directory
behavior of returning a TGS referral to the same realm as the request.
1.9 responds to this behavior by caching the returned TGT, trying
again, and detecting a referral loop. This is a partial regression of
ticket #4955. Detect this case and fall back to a non-referreal
request.
ticket: 7039
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25507
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 2 Dec 2011 21:20:22 +0000 (21:20 +0000)]
pull up r25470 from trunk
------------------------------------------------------------------------
r25470 | ghudson | 2011-11-12 17:03:54 -0500 (Sat, 12 Nov 2011) | 9 lines
ticket: 7015
subject: Add plugin interface_names entry for ccselect
target_version: 1.10
tags: pullup
When the ccselect pluggable interface was added, the interface_names
table wasn't updated, so configuring modules for it wouldn't work.
Add it now.
ticket: 7015
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25503
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 2 Dec 2011 21:20:18 +0000 (21:20 +0000)]
pull up r25468 from trunk
------------------------------------------------------------------------
r25468 | ghudson | 2011-11-10 23:04:58 -0500 (Thu, 10 Nov 2011) | 12 lines
ticket: 7014
subject: Fix com_err.h dependencies in gss-kernel-lib
target_version: 1.10
tags: pullup
make check was failing in util/gss-kernel-lib due to dependencies
when the build is configured with --with-system-et, because depfix.pl
wasn't smart enough to substitute the dependency on com_err.h in the
current directory. Make depfix.pl smarter, and adjust COM_ERR_DEPS
to be com_err.h in gss-kernel-lib when building with the bundled
com_err.
ticket: 7014
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25502
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 2 Dec 2011 21:20:13 +0000 (21:20 +0000)]
pull up r25469 from trunk
------------------------------------------------------------------------
r25469 | ghudson | 2011-11-11 12:01:12 -0500 (Fri, 11 Nov 2011) | 14 lines
ticket: 6430
subject: Avoid looping when preauth can't be generated
target_version: 1.10
tags: pullup
If we receive a PREAUTH_REQUIRED error and fail to generate any real
preauthentication, error out immediately instead of continuing to
generate non-preauthenticated requests until we hit the loop count.
There is a lot of room to generate a more meaningful error about why
we failed to generate preauth (although in many cases the answer may
be too complicated to explain in an error message), but that requires
more radical restructuring of the preauth framework.
ticket: 6430
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25501
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:51:36 +0000 (22:51 +0000)]
pull up r25424 from trunk
------------------------------------------------------------------------
r25424 | ghudson | 2011-10-31 12:43:40 -0400 (Mon, 31 Oct 2011) | 9 lines
ticket: 6996
subject: Make krb5_check_clockskew public
target_version: 1.10
tags: pullup
Rename krb5int_check_clockskew to krb5_check_clockskew and make it
public, in order to give kdcpreauth plugins a way to check timestamps
against the configured clock skew.
ticket: 6996
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25456
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:54 +0000 (22:35 +0000)]
pull up r25444 from trunk
------------------------------------------------------------------------
r25444 | ghudson | 2011-11-06 00:32:34 -0500 (Sun, 06 Nov 2011) | 10 lines
ticket: 7003
subject: Fix month/year units in getdate
target_version: 1.10
tags: pullup
getdate strings like "1 month" or "next year" would fail some of the
time, depending on the value of stack garbage, because DSTcorrect()
doesn't set *error on success and RelativeMonth() doesn't initialize
error. Make DSTcorrect() responsible for setting *error in all cases.
ticket: 7003
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25455
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:51 +0000 (22:35 +0000)]
pull up r25443 from trunk
------------------------------------------------------------------------
r25443 | ghudson | 2011-11-05 15:55:34 -0400 (Sat, 05 Nov 2011) | 11 lines
ticket: 7002
target_version: 1.10
tags: pullup
Improve verto and libev documentation
NOTICE was missing the copyright statement for verto (it's not quite
the same as other Red Hat licenses). util/verto had no README file,
and neither the verto nor k5ev README contained pointers to the
upstream project pages.
ticket: 7002
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25454
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:48 +0000 (22:35 +0000)]
pull up r25433 from trunk
------------------------------------------------------------------------
r25433 | ghudson | 2011-11-04 01:53:23 -0400 (Fri, 04 Nov 2011) | 9 lines
ticket: 7000
subject: Exit on error in kadmind kprop child
target_version: 1.10
tags: pullup
When we fork from kadmind to dump the database and kprop to an iprop
slave, if we encounter an error in the child process we should exit
rather than returning to the main loop.
ticket: 7000
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25453
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:45 +0000 (22:35 +0000)]
pull up r25445 from trunk
------------------------------------------------------------------------
r25445 | ghudson | 2011-11-06 19:47:20 -0500 (Sun, 06 Nov 2011) | 8 lines
ticket: 6999
target_version: 1.10
tags: pullup
Fix warnings and version check for NSS pkinit
From nalin@redhat.com.
ticket: 6999
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25452
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:41 +0000 (22:35 +0000)]
pull up r25425 from trunk
------------------------------------------------------------------------
r25425 | ghudson | 2011-10-31 23:49:16 -0400 (Mon, 31 Oct 2011) | 10 lines
ticket: 6997
target_version: 1.10
tags: pullup
Conditionalize po subdir on msgfmt, not dgetext
The presence of dgettext in libc or libintl doesn't imply that msgfmt
is installed, so conditionalize building the po subdir on whether
msgfmt is installed.
ticket: 6997
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25451
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:39 +0000 (22:35 +0000)]
pull up r25419 from trunk
------------------------------------------------------------------------
r25419 | ghudson | 2011-10-28 11:53:50 -0400 (Fri, 28 Oct 2011) | 11 lines
ticket: 6995
subject: Initialize typed_e_data in as_req_state
target_version: 1.10
tags: pullup
The typed_e_data field in struct as_req_state was not properly
initialized, causing the KDC to sometimes respond with typed-data
e_data for a preauth-required error when the client sends no padata.
This bug was masked with recent clients, which send a
KRB5_ENCPADATA_REQ_ENC_PA_REP padata.
ticket: 6995
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25450
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:35 +0000 (22:35 +0000)]
pull up r25418 from trunk
------------------------------------------------------------------------
r25418 | ghudson | 2011-10-28 11:45:03 -0400 (Fri, 28 Oct 2011) | 9 lines
ticket: 6994
subject: Fix intermediate key length in hmac-md5 checksum
target_version: 1.10
tags: pullup
When using hmac-md5, the intermediate key length is the output of the
hash function (128 bits), not the input key length. Relevant if the
input key is not an RC4 key.
ticket: 6994
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25449
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:32 +0000 (22:35 +0000)]
Fix format string for TRACE_INIT_CREDS_SERVICE
pull up r25417 from trunk
------------------------------------------------------------------------
r25417 | ghudson | 2011-10-26 18:34:21 -0400 (Wed, 26 Oct 2011) | 7 lines
ticket: 6993
subject: Fix format string for TRACE_INIT_CREDS_SERVICE
tags: pullup
target_version: 1.9.2
This should also be pulled up to 1.10.
ticket: 7006
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25448
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 7 Nov 2011 22:35:24 +0000 (22:35 +0000)]
pull up r25414 from trunk
------------------------------------------------------------------------
r25414 | ghudson | 2011-10-25 14:30:14 -0400 (Tue, 25 Oct 2011) | 7 lines
ticket: 6992
subject: Make krb5_find_authdata public
target_version: 1.10
tags: pullup
Rename krb5int_find_authdata to krb5_find_authdata and make it public.
ticket: 6992
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25447
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Sat, 5 Nov 2011 00:03:44 +0000 (00:03 +0000)]
Update acknowledgments
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25442
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 21 Oct 2011 18:03:54 +0000 (18:03 +0000)]
krb5-1.10-alpha1-postrelease
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25402
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 21 Oct 2011 18:02:10 +0000 (18:02 +0000)]
README and patchlevel.h for krb5-1.10-alpha1
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25400
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 21 Oct 2011 17:58:47 +0000 (17:58 +0000)]
pull up r25395 from trunk
------------------------------------------------------------------------
r25395 | tlyu | 2011-10-21 13:35:49 -0400 (Fri, 21 Oct 2011) | 10 lines
ticket: 6989
subject: fix tar invocation in mkrel
target_version: 1.10
tags: pullup
Fix the tar invocation in mkrel so that it defaults to using "tar" as
the tar program rather than "gtar".
This should probably be pulled up to at least 1.9 and 1.8 as well.
ticket: 6989
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25399
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 22:19:39 +0000 (22:19 +0000)]
Fix patchlevel.h for krb5-1.10 branch
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25392
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 22:13:09 +0000 (22:13 +0000)]
Update README for 1.10 branch
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25391
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 19:27:46 +0000 (19:27 +0000)]
pull up r25385 from trunk
------------------------------------------------------------------------
r25385 | ghudson | 2011-10-20 11:16:03 -0400 (Thu, 20 Oct 2011) | 9 lines
ticket: 6988
subject: Fix handling of null edata method in KDC preauth
target_version: 1.10
tags: pullup
Correctly include an empty padata value if a KDC preauth system has no
get_edata method. This bug prevented the KDC from indicating FAST
support in preauth-required errors.
ticket: 6988
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25389
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 19:27:43 +0000 (19:27 +0000)]
pull up r25384 from trunk
------------------------------------------------------------------------
r25384 | ghudson | 2011-10-19 23:45:12 -0400 (Wed, 19 Oct 2011) | 12 lines
ticket: 6987
subject: Fix krb5_cc_set_config
target_version: 1.10
tags: pullup
krb5_cc_set_config has been non-functional since r24753 on cache types
which don't support removal of credential entries. Fix it by only
calling krb5_cc_remove_cred if data is NULL, since krb5_cc_store_cred
will do it anyway in the positive case.
Also fix an old memory leak in an uncommon error case.
ticket: 6987
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25388
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 19:27:38 +0000 (19:27 +0000)]
pull up r25368 from trunk
------------------------------------------------------------------------
r25368 | tlyu | 2011-10-18 14:51:35 -0400 (Tue, 18 Oct 2011) | 8 lines
ticket: 6981
subject: SA-2011-006 KDC denial of service [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529]
target_version: 1.10
tags: pullup
Fix null pointer dereference and assertion failure conditions that
could cause a denial of service.
ticket: 6981
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25387
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Thu, 20 Oct 2011 19:27:32 +0000 (19:27 +0000)]
pull up r25367 from trunk
------------------------------------------------------------------------
r25367 | ghudson | 2011-10-18 12:32:28 -0400 (Tue, 18 Oct 2011) | 12 lines
ticket: 6980
subject: Ensure termination in Windows vsnprintf wrapper
target_version: 1.10
tags: pullup
The Windows _vsnprintf does not terminate its output buffer in the
overflow case. Make sure we do that in the wrapper. Reported by
Chris Hecker.
(Not an issue for KfW 3.2 since we weren't using snprintf in 1.6.x
except in Unix-specific code.)
ticket: 6980
version_fixed: 1.10
status: resolved
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25386
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 17 Oct 2011 22:55:44 +0000 (22:55 +0000)]
branch for krb5-1.10 release
git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-10@25366
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 17 Oct 2011 22:54:12 +0000 (22:54 +0000)]
Bump release numbers in definitions.texinfo
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25365
dc483132-0cff-0310-8789-
dd5450dbe970
Zhanna Tsitkov [Mon, 17 Oct 2011 20:17:08 +0000 (20:17 +0000)]
Noted that kadmind should be restarted if its acl file has been changed
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25364
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 17 Oct 2011 19:34:08 +0000 (19:34 +0000)]
Delete Network Identity Manager
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25363
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 17 Oct 2011 19:11:01 +0000 (19:11 +0000)]
Make reindent
Also fix pkinit_crypto_nss.c struct initializers and add parens to a
ternary operator in do_as_req.c for better indentation.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25362
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Mon, 17 Oct 2011 19:10:52 +0000 (19:10 +0000)]
Exclude util/wshelper from reindent
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25361
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Mon, 17 Oct 2011 17:15:31 +0000 (17:15 +0000)]
Add AC_LANG_SOURCE to PKINIT NSS version check
The configure.in code for the PKINIT NSS back end version check was
copied from the k5crypto NSS back end version check, but from before
r25181 which added AC_LANG_SOURCE wrappers.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25360
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Mon, 17 Oct 2011 04:05:56 +0000 (04:05 +0000)]
Style police
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25359
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 17 Oct 2011 00:45:30 +0000 (00:45 +0000)]
gssalloc-related fixes to naming_exts.c
renamed kg_data_list_to_buffer_set_nocopy to data_list_buffer_set
(since nocopy is no longer guaranteed).
removed extra indirection to input krb5_data list.
ensured input krb5_data list is always completely freed.
no longer returns EINVAL when output buffer set is NULL.
fixed krb5_gss_get_name_attribute to use data_to_gss.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25358
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Mon, 17 Oct 2011 00:45:23 +0000 (00:45 +0000)]
RFC 4120 says that we should not canonicalize using DNS. We cannot get
that far today, but there's no reason we should fail to use a
perfectly good principal name just because DNS is failing. For some
services there isn't even a requirement they be in DNS. With
AI_ADDRCONFIG there's no reason that Kerberos canonicalization should
fail simply because a v6 address is not present, for example. So, if
getaddrinfo fails in krb5_sname_to_principal simply use the input
hostname uncanonicalized.
sn2princ: On getaddrinfo failure use the input
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25357
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:56:30 +0000 (16:56 +0000)]
Allow password changes over NATs
In the kpasswd server code, don't set a remote address in the auth
context before calling krb5_rd_priv, since the kpasswd protocol is
well-protected against reflection attacks. This allows password
changes to work in cases where a NAT has changed the client IP address
as it is seen by the server.
ticket: 6979
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25356
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:56:26 +0000 (16:56 +0000)]
Allow rd_priv/rd_safe without remote address
Allow krb5_rd_priv and krb5_rd_safe to work when there is no remote
address set in the auth context, unless the KRB5_AUTH_CONTEXT_DO_TIMES
flag is set (in which case we need the remote address for the replay
cache name). Note that failing to set the remote address can create a
vulnerability to reflection attacks in some protocols, although it is
fairly easy to defend against--either use sequence numbers, or make
sure that requests don't look like replies, or both.
ticket: 6978
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25355
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:31:00 +0000 (16:31 +0000)]
Update mit-krb5.pot
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25354
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:29:28 +0000 (16:29 +0000)]
Install krb5/preauth_plugin.h
The clpreauth and kdcpreauth pluggable interfaces are public as of
krb5 1.10. Install the header so that preauth modules can be built
outside of the krb5 source tree.
ticket: 6977
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25353
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:26:27 +0000 (16:26 +0000)]
Rename PAC type constants to avoid conflicts
Since the PAC type constants are now exposed in krb5.h, give them a
KRB5_ prefix so they don't conflict with similar PAC type constants
in other packages, like Samba.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25352
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 16:06:03 +0000 (16:06 +0000)]
Hide gak_fct interface and arguments in clpreauth
Remove the gak_fct, gak_data, salt, s2kparams, and as_key arguments
of krb5_clpreauth_process_fn and krb5_clpreauth_tryagain_fn. To
replace them, add two callbacks: one which gets the AS key using the
previously selected etype-info2 information, and a second which lets
the module replace the AS key with one it has computed.
This changes limits module flexibility in a few ways. Modules cannot
check whether the AS key was already obtained before asking for it,
and they cannot use the etype-info2 salt and s2kparams for purposes
other than getting the password-based AS key. It is believed that
of existing preauth mechanisms, only SAM-2 preauth needs more
flexibility than the new interfaces provide, and as an internal legacy
mechanism it can cheat. Future mechanisms should be okay since the
current IETF philosophy is that etype-info2 information should not be
used for other purposes.
ticket: 6976
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25351
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 15:35:46 +0000 (15:35 +0000)]
Drop retransmits while processing requests
Supporting asynchronous preauth modules means that the KDC can receive
a retransmitted request before it finishes processing the initial
request. Ignore those retransmits instead of processing them.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25350
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 15:08:02 +0000 (15:08 +0000)]
Untabify kdc_preauth_encts.c
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25349
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 15:06:37 +0000 (15:06 +0000)]
Make kdcpreauth edata method respond via callback
From npmccallum@redhat.com with changes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25348
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 15:03:17 +0000 (15:03 +0000)]
Make get_preauth_hint_list respond via callback
From npmccallum@redhat.com with changes.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25347
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Sat, 15 Oct 2011 15:03:10 +0000 (15:03 +0000)]
Remove enc-timestamp code from kdc_preauth.c
This code should have been removed in r25319 but was not.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25346
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Oct 2011 23:14:53 +0000 (23:14 +0000)]
Exclude more stuff from make reindent
Apply exclusions to "make reindent" as well, to fully exclude some
files from whitespace cleanups. Add fnmatch.c to exclusions.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25345
dc483132-0cff-0310-8789-
dd5450dbe970
Tom Yu [Fri, 14 Oct 2011 18:19:36 +0000 (18:19 +0000)]
make depend
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25344
dc483132-0cff-0310-8789-
dd5450dbe970
Greg Hudson [Fri, 14 Oct 2011 15:14:57 +0000 (15:14 +0000)]
Untabify a recent gssapi_alloc.h change
Also mark the file as using the krb5 C style.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25343
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 14 Oct 2011 15:07:01 +0000 (15:07 +0000)]
Fix gssapi_strdup
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25342
dc483132-0cff-0310-8789-
dd5450dbe970
Sam Hartman [Fri, 14 Oct 2011 14:46:57 +0000 (14:46 +0000)]
gssalloc memory management for gss_buffer_set
compiles, but untested
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25341
dc483132-0cff-0310-8789-
dd5450dbe970