krb5.git
15 years agoAdd test case omitted in last commit
Tom Yu [Fri, 26 Jun 2009 02:44:41 +0000 (02:44 +0000)]
Add test case omitted in last commit

ticket: 6428

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22423 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCheck for principal expiration prior to checking for password
Tom Yu [Fri, 26 Jun 2009 02:43:21 +0000 (02:43 +0000)]
Check for principal expiration prior to checking for password
expiration.  Reported by Phil Pishioneri.

ticket: 6428
version_reported: 1.7
target_version: 1.7.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22422 dc483132-0cff-0310-8789-dd5450dbe970

15 years agosyms.c doesn't exist; update clean target and dependencies
Ken Raeburn [Tue, 23 Jun 2009 04:26:14 +0000 (04:26 +0000)]
syms.c doesn't exist; update clean target and dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22421 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoGSSAPI init/accept_sec_context performance testing program
Ken Raeburn [Tue, 23 Jun 2009 04:21:40 +0000 (04:21 +0000)]
GSSAPI init/accept_sec_context performance testing program

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22420 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUpdate comments to reflect reality and the fact that this is not a file based
Ezra Peisach [Sun, 21 Jun 2009 11:43:18 +0000 (11:43 +0000)]
Update comments to reflect reality and the fact that this is not a file based
cache.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22419 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoreduce some mutex performance problems in profile library
Ken Raeburn [Thu, 18 Jun 2009 23:25:25 +0000 (23:25 +0000)]
reduce some mutex performance problems in profile library

In profile_node_iterator we unlock a mutex in order to call
profile_update_file_data, which wants to lock that mutex itself, and
then when it returns we re-lock the mutex.  (We don't use recursive
mutexes, and I would continue to argue that we shouldn't.)  On the
Mac, when running multiple threads, it appears that this results in
very poor peformance, and much system and user CPU time is spent
working with the locks.  (Linux doesn't seem to suffer as much.)

So: Split profile_update_file_data into a locking wrapper, and an
inner routine that does the real work but requires that the lock be
held on entry.  Call the latter from profile_node_iterator *without*
unlocking first, and only unlock if there's an error.  This doesn't
move any significant amount of work into the locking region; it pretty
much just joins locking regions that were disjoint for no good reason.

On my tests on an 8-core Mac, in a test program running
gss_init_sec_context in a loop in 6 threads, this brought CPU usage
per call down by 40%, and improved wall-clock time even more.
Single-threaded performance improved very slightly, probably in the
noise.

Linux showed modest improvement (5% or less) in CPU usage in a
3-thread test on a 4-core system.

Similar tests with gss_accept_sec_context showed similar contention
around the profile-library mutexes, but I haven't analyzed the
performance changes there from this patch.

More work is needed, but this will help.

ticket: 6515
tags: pullup
target_version: 1.7.1
version_reported: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22418 dc483132-0cff-0310-8789-dd5450dbe970

15 years agominor memory leak in 'none' replay cache type
Ken Raeburn [Thu, 18 Jun 2009 21:56:48 +0000 (21:56 +0000)]
minor memory leak in 'none' replay cache type

The replay cache type implementations are responsible for freeing the
main rcache structure when the cache handle is closed.  The 'none'
rcache type wasn't doing this, resulting in a small memory leak each
time such a cache was opened and closed.  Not a big deal for a server
process servicing a single client, but it could accumulate (very very
slowly) for a long-running server.

ticket: 6514
tags: pullup
target_version: 1.7.1
version_reported: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22417 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove the new configure option --enable-static-only, and instead
Greg Hudson [Thu, 18 Jun 2009 17:34:17 +0000 (17:34 +0000)]
Remove the new configure option --enable-static-only, and instead
require --enable-static --disable-shared for the same effect.  Error
out if only one of those two is specified.

While here, remove an unnecessary clause in the --disable-rpath block,
and make the notices consistent when using shared and static
libraries.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22416 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn default.exp, revert an unintended part of the last commit
Greg Hudson [Thu, 18 Jun 2009 04:34:47 +0000 (04:34 +0000)]
In default.exp, revert an unintended part of the last commit

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22415 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn default.exp, import RLOGIN_FLAGS from the environment, as is
Greg Hudson [Thu, 18 Jun 2009 03:48:38 +0000 (03:48 +0000)]
In default.exp, import RLOGIN_FLAGS from the environment, as is
apparently intended.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22414 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn the previous patch - I neglected a potential NULL deref in the call
Ezra Peisach [Wed, 17 Jun 2009 17:51:31 +0000 (17:51 +0000)]
In the previous patch - I neglected a potential NULL deref in the call
to krb5int_yarrow_cipher_final.  Trivial fix.

ticket: 6512

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22413 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn ldap_create.c, remove four incorrect uses of krb5_set_error_message
Greg Hudson [Wed, 17 Jun 2009 15:08:25 +0000 (15:08 +0000)]
In ldap_create.c, remove four incorrect uses of krb5_set_error_message
which resulted in obscured and confusing error diagnostics.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22412 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUse ticket forwarding in the GSSAPI test cases to exercise
Greg Hudson [Thu, 11 Jun 2009 17:27:45 +0000 (17:27 +0000)]
Use ticket forwarding in the GSSAPI test cases to exercise
mk_cred/rd_cred etc.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22411 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb5int_yarrow_final could deref NULL if out of memory
Ezra Peisach [Thu, 11 Jun 2009 17:01:13 +0000 (17:01 +0000)]
krb5int_yarrow_final could deref NULL if out of memory

 krb5int_yarrow_final tests if the Yarrow_CTX* is valid (not NULL) -
 and if not - signals and error for return - but still invokes
 mem_zero (memset) with it as an argument.  This will only happen in
 an out-of-memory situation.

ticket: 6512

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22410 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb5int_rd_chpw_rep could call krb5_free_error with random value
Ezra Peisach [Wed, 10 Jun 2009 02:55:22 +0000 (02:55 +0000)]
krb5int_rd_chpw_rep could call krb5_free_error with random value

clang picked up on a path in which krberror is not set and passed as
an argument to krb5_free_error(). Essentially if the clearresult
length < 2 but everything decodes - you can hit this path...

ticket: 6511

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22409 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoClean up and simplify kdb5.c; no functional changes
Greg Hudson [Mon, 8 Jun 2009 20:14:58 +0000 (20:14 +0000)]
Clean up and simplify kdb5.c; no functional changes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22408 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn kdb5.c, remove calls to the locking macros which were stubbed out
Greg Hudson [Mon, 8 Jun 2009 19:11:35 +0000 (19:11 +0000)]
In kdb5.c, remove calls to the locking macros which were stubbed out
in r17612.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22407 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRestore limited support for static linking
Greg Hudson [Mon, 8 Jun 2009 10:01:57 +0000 (10:01 +0000)]
Restore limited support for static linking

Add enough static linking support to run the test suite without shared
libraries, to facilitate gcov and other kinds of instrumentation.  The
necessary changes include:

* Undo some of the changes which removed static linking support,
  and cannibalize the defunct krb5_force_static conditional block
  in aclocal.m4.
* Add --enable-static-only configure option.
* For plugins, use a different symbol name for static and dynamic
  builds, via a macro in k5plugin.h.
* Add build machinery for building static libraries for plugins
  (somewhat grotty due to the difference in names).
* Move plugin subdirs earlier in SUBDIRS in src/Makefile.in.
* Make the in-tree KDB5 plugins dependencies of libkdb5 in a static
  build (aclocal.m4 has to know what they are).
* In kdb5.c, cannibalize the broken _KDB5_STATIC_LINK support to
  allow "loading" of statically linked plugin libraries.

Preauth, authdata, locate, and GSSAPI plugins are not handled by this
change, as they are not currently necessary to the test suite.
Supporting GSSAPI plugins may be a bit tricky but the others should be
straightforward if they become needed.

$(STLIBEXT) changes from .a-nobuild to .a in a normal shared build as
a result of these changes (except on AIX where aclocal.m4 changes it).
This does not seem to be important as we avoid selecting the static
library for building via other means.

ticket: 6510

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22406 dc483132-0cff-0310-8789-dd5450dbe970

15 years agolibkdb5 now depends on libgssrpc. So when linking kpropd, specify
Greg Hudson [Mon, 8 Jun 2009 09:43:45 +0000 (09:43 +0000)]
libkdb5 now depends on libgssrpc.  So when linking kpropd, specify
$(KDB5_LIB) before $(KADMCLNT_LIBS) to get the link order right.
Unimportant for dynamic linking in most environments, but relevant for
static linking.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22405 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDon't build the kadm5/unit-test test programs during "make all"; build
Greg Hudson [Mon, 8 Jun 2009 09:41:55 +0000 (09:41 +0000)]
Don't build the kadm5/unit-test test programs during "make all"; build
them during "make check" via test dependencies for consistency with
the way we handle other test programs.  (Also means we don't need
libraries to be linkable until later in the build process.)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22404 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokadmind is parsing acls good deref NULL pointer on error
Ezra Peisach [Sat, 6 Jun 2009 13:46:06 +0000 (13:46 +0000)]
kadmind is parsing acls good deref NULL pointer on error

In kadm5int_acl_parse_line, if you setup an acl w/ restrictions
(i.e. the four argument acl format) - but have an error parsing the
first few fields, acle is NULLed out, and is then derefed.

This adds a conditional and indents according to the krb5 c-style...

ticket: 6509

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22403 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokadm5int_acl_parse_restrictions could ref uninitialized variable
Ezra Peisach [Sat, 6 Jun 2009 03:55:44 +0000 (03:55 +0000)]
kadm5int_acl_parse_restrictions could ref uninitialized variable

The variable sp is never initialized. If the first argument to the
function is null, the code falls through to freeing sp if valid.
However, sp is never set.

ticket: 6508

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22402 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake results of krb5_db_def_fetch_mkey more predictable
Greg Hudson [Mon, 1 Jun 2009 22:39:31 +0000 (22:39 +0000)]
Make results of krb5_db_def_fetch_mkey more predictable

krb5_db_def_fetch_mkey tries the stash file as a keytab, then falls
back to the old stash file format.  If the stash file was in keytab
format, but didn't contain the desired master key, we would try to
read a keytab file as a stash file.  This could succeed or fail
depending on byte order and other unpredictable factors.  The upshot
was that one of the libkadm5 unit tests (init 108) was getting a
different error code on different platforms.

To fix this, only try the stash file format if we get
KRB5_KEYTAB_BADVNO trying the keytab format.  This requires reworking
the error handling logic.

ticket: 6506
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22397 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a typo in the admin guide (with not keyword -> with no keyword)
Greg Hudson [Mon, 1 Jun 2009 16:51:24 +0000 (16:51 +0000)]
Fix a typo in the admin guide (with not keyword -> with no keyword)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22396 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix minor bug in r21269 - wrong field name
Ken Raeburn [Sat, 30 May 2009 05:36:52 +0000 (05:36 +0000)]
Fix minor bug in r21269 - wrong field name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22395 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRevert last change
Ken Raeburn [Wed, 27 May 2009 21:21:29 +0000 (21:21 +0000)]
Revert last change

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22394 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDon't re-run test programs to recreate output every time 'check' is built
Ken Raeburn [Wed, 27 May 2009 20:08:28 +0000 (20:08 +0000)]
Don't re-run test programs to recreate output every time 'check' is built

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22393 dc483132-0cff-0310-8789-dd5450dbe970

15 years agofix t_prf test code properly
Ken Raeburn [Wed, 27 May 2009 20:03:46 +0000 (20:03 +0000)]
fix t_prf test code properly

Correction to patch in r22364: "i" was used in two places, one of
which required an int-sized value and the other of which required a
size_t.  Instead of changing the type, split the two uses into
separate variables.

ticket: 6505
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22392 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoOn error getting forwarded creds, actually print out the error
Ken Raeburn [Mon, 25 May 2009 21:48:49 +0000 (21:48 +0000)]
On error getting forwarded creds, actually print out the error

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22384 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCheck for 'encoding ### bytes' message consistently, accepting full base64 encoding
Ken Raeburn [Mon, 25 May 2009 21:37:02 +0000 (21:37 +0000)]
Check for 'encoding ### bytes' message consistently, accepting full base64 encoding

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22383 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix up kinit -T documentation
Greg Hudson [Mon, 25 May 2009 16:47:40 +0000 (16:47 +0000)]
Fix up kinit -T documentation

ticket: 6497
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22382 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoTemporarily disable FAST PKINIT for 1.7 release
Greg Hudson [Mon, 25 May 2009 16:40:00 +0000 (16:40 +0000)]
Temporarily disable FAST PKINIT for 1.7 release

There are protocol issues and implementation defects surrounding the
combination of FAST an PKINIT currently.  To avoid impacting the 1.7
scheduled and to avoid creating interoperability problems later,
disable the combination until the problems are resolved.

ticket: 6501
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22381 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIf --enable-pkinit is explicitly given, and OpenSSL is too old, error out instead of
Ken Raeburn [Sun, 24 May 2009 19:58:47 +0000 (19:58 +0000)]
If --enable-pkinit is explicitly given, and OpenSSL is too old, error out instead of
ignoring the option and disabling pkinit.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22370 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix vector initialization error in KDC preauth code
Greg Hudson [Sun, 24 May 2009 15:53:51 +0000 (15:53 +0000)]
Fix vector initialization error in KDC preauth code

In the KDC, get_preauth_hint_list had two bugs initializing the
preauth array.  It was allocating 21 extra entries instead of two due
to a typo (harmless), and it was only zeroing up through one extra
entry (harmful).  Adjust the code to use calloc to avoid further
disagreements of this nature.

ticket: 6496
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22369 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix test rules for non-gmake make versions
Greg Hudson [Sun, 24 May 2009 00:48:31 +0000 (00:48 +0000)]
Fix test rules for non-gmake make versions

The build rules for the new t_ad_fx_armor and t_authdata test programs
used $<, which is only portable for implicit rules (but is valid in
gmake for all rules).  Stop using $< in those rules so that "make
check" works with System V make.

ticket: 6495
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22368 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_ktfileint_write_entry, add a no-op fseek in between reading
Greg Hudson [Sat, 23 May 2009 00:09:58 +0000 (00:09 +0000)]
In krb5_ktfileint_write_entry, add a no-op fseek in between reading
EOF and writing the placeholder length field.  Otherwise we can run
into an apparent bug in the Solaris 10 stdio library which causes the
next no-op fseek after the fwrite to fail with EINVAL.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22367 dc483132-0cff-0310-8789-dd5450dbe970

15 years agowhitespace
Ken Raeburn [Fri, 22 May 2009 17:31:09 +0000 (17:31 +0000)]
whitespace

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22366 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake Sun cc error out on unknown attributes
Ken Raeburn [Fri, 22 May 2009 17:22:07 +0000 (17:22 +0000)]
Make Sun cc error out on unknown attributes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22365 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUse correct type for krb5_c_prf_length length arg
Ken Raeburn [Fri, 22 May 2009 17:20:15 +0000 (17:20 +0000)]
Use correct type for krb5_c_prf_length length arg

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22364 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUse printf format attribute only with gcc
Ken Raeburn [Fri, 22 May 2009 17:19:37 +0000 (17:19 +0000)]
Use printf format attribute only with gcc

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22363 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake prompt string vars point to const
Ken Raeburn [Fri, 22 May 2009 14:31:28 +0000 (14:31 +0000)]
make prompt string vars point to const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22362 dc483132-0cff-0310-8789-dd5450dbe970

15 years agofix minor syntax error
Ken Raeburn [Fri, 22 May 2009 14:12:17 +0000 (14:12 +0000)]
fix minor syntax error

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22361 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove spurious assertion in handle_authdata
Greg Hudson [Fri, 22 May 2009 14:08:25 +0000 (14:08 +0000)]
Remove spurious assertion in handle_authdata

In handle_authdata in the KDC, remove a spurious assertion (added in
r21566 on the mskrb-integ branch) that authdata starts out empty.
authdata can be legitimately added by check_padata, which precedes
handle_authdata, and this happens with pkinit.

ticket: 6492
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22360 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoInclude regression test for krb-fx-cf2 for RC4 enctype
Sam Hartman [Wed, 20 May 2009 18:06:29 +0000 (18:06 +0000)]
Include regression test for krb-fx-cf2  for RC4 enctype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22359 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd a comment to the r22168 change since it's not obvious why we're
Greg Hudson [Wed, 20 May 2009 17:44:37 +0000 (17:44 +0000)]
Add a comment to the r22168 change since it's not obvious why we're
decrypting authdata that way.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22358 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRestore compatibility with KDCs using key usage 8 to encrypt TGS
Greg Hudson [Wed, 20 May 2009 02:05:53 +0000 (02:05 +0000)]
Restore compatibility with KDCs using key usage 8 to encrypt TGS
replies in a subkey, by implementing a fallback in
krb5_arcfour_decrypt.

ticket: 6490

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22357 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoWhen using keyed checksum types with TGS subkeys, Microsoft AD 2003
Greg Hudson [Tue, 19 May 2009 23:17:49 +0000 (23:17 +0000)]
When using keyed checksum types with TGS subkeys, Microsoft AD 2003
verifies the checksum using the subkey, whereas MIT and Heimdal verify
it using the TGS session key.  (RFC 4120 is actually silent on which
is correct; RFC 4757 specifies the TGS session key.)  To sidestep this
interop issue, don't use keyed checksum types with RC4 keys without
explicit configuration in krb5.conf.  Using keyed checksum types with
AES is fine since, experimentally, AD 2008 accepts checksums keyed
with the TGS session key.

ticket: 6490
status: open
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22356 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn practice, key usage 9 requires no translation
Sam Hartman [Mon, 18 May 2009 23:28:53 +0000 (23:28 +0000)]
In practice, key usage 9 requires no translation

ticket: 6490
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22355 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCopy the sequence key rather than the subkey for lucid contexts in RFC
Sam Hartman [Mon, 18 May 2009 19:08:48 +0000 (19:08 +0000)]
Copy the sequence key rather than the subkey for lucid contexts in RFC
1964 mode, so that we map to raw des enctypes rather than say
des-cbc-crc.

ticket: 6488
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22354 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDocument use of key fields in GSS context
Sam Hartman [Mon, 18 May 2009 19:08:29 +0000 (19:08 +0000)]
Document use of key fields in GSS context

The addition of etype negotiation has made the meanings of the various
keys in the GSS-API context structure more complicated.  Document them
to aid in code understanding.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22353 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd IOV_SHIM_EXERCISE_WRAP and IOV_SHIM_EXERCISE_UNWRAP conditionals
Tom Yu [Thu, 14 May 2009 21:04:57 +0000 (21:04 +0000)]
Add IOV_SHIM_EXERCISE_WRAP and IOV_SHIM_EXERCISE_UNWRAP conditionals
to allow finer-grained testing.

ticket: 6487
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22352 dc483132-0cff-0310-8789-dd5450dbe970

15 years agogss_krb5int_export_lucid_sec_context was erroneously copying the first
Greg Hudson [Thu, 14 May 2009 16:50:52 +0000 (16:50 +0000)]
gss_krb5int_export_lucid_sec_context was erroneously copying the first
sizeof(void *) bytes of the context into data_set, instead of the
pointer to the context.

ticket: 6488
status: open
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22351 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUCS2 support doesn't handle upper half of BMP
Greg Hudson [Thu, 14 May 2009 16:16:32 +0000 (16:16 +0000)]
UCS2 support doesn't handle upper half of BMP

Make krb5_ucs2 an unsigned type.  Eliminate the need for distinguished
values for ucs2 and ucs4 characters by changing the API of the single-
character conversion routines.

ticket: 6489
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22350 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoremove some old code for debugging the debugging code
Ken Raeburn [Thu, 14 May 2009 01:18:43 +0000 (01:18 +0000)]
remove some old code for debugging the debugging code

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22349 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn util/support/utf8_conv.c, the SWAP16 macro is invoked with an
Tom Yu [Wed, 13 May 2009 20:41:37 +0000 (20:41 +0000)]
In util/support/utf8_conv.c, the SWAP16 macro is invoked with an
argument that has side effects.  On platforms where SWAP16 can
evaluate its argument twice (including platforms where utf8_conv.c
creates a fallback definition for the SWAP16 macro), this can cause a
read overrun by a factor of two.

Rearrange the data flow to avoid calling SWAP16 with an argument that
has side effects.

ticket: 6486
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22348 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoreduce character-class table entry size (40%) based on limited data ranges; make...
Ken Raeburn [Mon, 11 May 2009 23:34:56 +0000 (23:34 +0000)]
reduce character-class table entry size (40%) based on limited data ranges; make table const

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22344 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn recvauth_common, convert a use of strcpy to strdup
Greg Hudson [Mon, 11 May 2009 22:46:56 +0000 (22:46 +0000)]
In recvauth_common, convert a use of strcpy to strdup

ticket: 6200
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22343 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRefactor rule_an_to_ln, creating a new helper function to handle the
Greg Hudson [Mon, 11 May 2009 16:57:45 +0000 (16:57 +0000)]
Refactor rule_an_to_ln, creating a new helper function to handle the
selection string specifier.  Eliminate two (safe) uses of sscanf in
the process.  Add a test case including literal text in the selection
string specifier.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22326 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoTry decrypting using session key if subkey fails in tgs rep handling
Sam Hartman [Thu, 7 May 2009 20:35:28 +0000 (20:35 +0000)]
Try decrypting using session key if subkey fails in tgs rep handling

Heimdal at least up through 1.2 incorrectly encrypts the TGS response
in the session key not the subkey when a subkey is supplied.  See RFC
4120 page 35.  Work around this by trying decryption using the session
key after the subkey fails.

* decode_kdc_rep.c: rename to krb5int_decode_tgs_rep; only used for
  TGS and now needs to take keyusage
* gc_via_tkt: pass in session key and appropriate usage if subkey
  fails.

Note that the dead code to process AS responses in decode_kdc_rep is
not removed by this commit.  That will be removed as FAST TGS client
support is integrated post 1.7.

ticket: 6484
Tags: pullup
Target_Version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22325 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoman1 in title header for man1 manpages
Sam Hartman [Thu, 7 May 2009 20:35:19 +0000 (20:35 +0000)]
man1 in title header for man1 manpages

A previous ticket moved kadmin, kadmin.local, ktutil and k5srvutil man
pages to man1 from man8.  This updates the section within the man
page.

ticket: 6483
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22324 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAllow more than 10 past keys to be stored by a policy
Greg Hudson [Thu, 7 May 2009 19:51:46 +0000 (19:51 +0000)]
Allow more than 10 past keys to be stored by a policy

Remove the arbitrary limit of 10 past keys in policies.  We were not
taking advantage of that limit in any other code.

ticket: 6482
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22323 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAfter consultation with kenh, remove a comment and if statement which
Greg Hudson [Thu, 7 May 2009 19:42:57 +0000 (19:42 +0000)]
After consultation with kenh, remove a comment and if statement which
should no longer apply to the pa_sam_2 code, fixing a memory leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22322 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix yet another memory leak in pa_sam
Greg Hudson [Wed, 6 May 2009 18:54:47 +0000 (18:54 +0000)]
Fix yet another memory leak in pa_sam

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22321 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix multiple memory leaks in obtain_sam_padata
Greg Hudson [Wed, 6 May 2009 18:53:03 +0000 (18:53 +0000)]
Fix multiple memory leaks in obtain_sam_padata

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22320 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn pa_sam, use the correct function to free sam_challenge in the
Greg Hudson [Wed, 6 May 2009 18:52:44 +0000 (18:52 +0000)]
In pa_sam, use the correct function to free sam_challenge in the
success path.

ticket: 6210

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22319 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in pa_sam_2 where an outer data structure wasn't
Greg Hudson [Wed, 6 May 2009 15:56:21 +0000 (15:56 +0000)]
Fix a memory leak in pa_sam_2 where an outer data structure wasn't
freed after the contents are coopted.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22318 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in pa_sam
Greg Hudson [Tue, 5 May 2009 17:11:48 +0000 (17:11 +0000)]
Fix a memory leak in pa_sam

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22317 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in krb5_obtain_padata
Greg Hudson [Tue, 5 May 2009 17:08:54 +0000 (17:08 +0000)]
Fix a memory leak in krb5_obtain_padata

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22316 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn pa_sam_2, free sc2 in an error-handling case where it was leaked
Greg Hudson [Tue, 5 May 2009 16:57:42 +0000 (16:57 +0000)]
In pa_sam_2, free sc2 in an error-handling case where it was leaked

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22315 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn pa_sam_2, free scratch in a couple of error-handling blocks where
Greg Hudson [Tue, 5 May 2009 16:55:58 +0000 (16:55 +0000)]
In pa_sam_2, free scratch in a couple of error-handling blocks where
it was live and not freed.  The function should be reorganized to use
a cleanup handler, but (I believe) is not covered by the test suite
and should not undergo such major surgery until it is.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22314 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5int_rd_setpw_rep, if we get an error result, set ap_rep.length
Greg Hudson [Tue, 5 May 2009 16:46:29 +0000 (16:46 +0000)]
In krb5int_rd_setpw_rep, if we get an error result, set ap_rep.length
to 0 so that it is initialized for a check later in the function.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22313 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove some unnecessary null checks in krb5_get_in_tkt_with_password
Greg Hudson [Tue, 5 May 2009 16:39:54 +0000 (16:39 +0000)]
Remove some unnecessary null checks in krb5_get_in_tkt_with_password

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22312 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove some unnecessary null checks in krb5_get_in_tkt_with_keytab
Greg Hudson [Tue, 5 May 2009 16:35:31 +0000 (16:35 +0000)]
Remove some unnecessary null checks in krb5_get_in_tkt_with_keytab

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22311 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_get_in_tkt, free the whole encoded request (since the
Greg Hudson [Tue, 5 May 2009 16:30:19 +0000 (16:30 +0000)]
In krb5_get_in_tkt, free the whole encoded request (since the
structure was allocated by encode_krb5_as_req), not just the contents.

ticket: 6401

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22310 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a case in the krb5_rd_rep error handler (introduced in the last
Greg Hudson [Tue, 5 May 2009 16:00:40 +0000 (16:00 +0000)]
Fix a case in the krb5_rd_rep error handler (introduced in the last
commit) where scratch.data could be indirected through even if it
wasn't allocated successfully.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22309 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSimplify cleanup in obtain_sam_padata slightly
Greg Hudson [Mon, 4 May 2009 19:43:36 +0000 (19:43 +0000)]
Simplify cleanup in obtain_sam_padata slightly

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22308 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix an error message memory leak in krb5_preauth_supply_preauth_data
Greg Hudson [Mon, 4 May 2009 17:16:38 +0000 (17:16 +0000)]
Fix an error message memory leak in krb5_preauth_supply_preauth_data

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22307 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix some direct returns in krb5_get_cred_from_kdc_opt which would leak
Greg Hudson [Mon, 4 May 2009 17:06:43 +0000 (17:06 +0000)]
Fix some direct returns in krb5_get_cred_from_kdc_opt which would leak
memory.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22306 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb5_rd_rep could leak memory through its output parameter on error.
Greg Hudson [Mon, 4 May 2009 16:08:03 +0000 (16:08 +0000)]
krb5_rd_rep could leak memory through its output parameter on error.
Adjust the flow control so that *repl is NULL on error and the memory
allocated by decode_krb5_ap_rep_enc_part is freed.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22305 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix formatting of ok_as_delegate documentation in admin guide
Greg Hudson [Sun, 3 May 2009 18:47:27 +0000 (18:47 +0000)]
Fix formatting of ok_as_delegate documentation in admin guide

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22304 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in krb5int_rd_chpw_rep in a block of code handling
Greg Hudson [Sat, 2 May 2009 04:58:19 +0000 (04:58 +0000)]
Fix a memory leak in krb5int_rd_chpw_rep in a block of code handling
buggy MS KDC behavior.  It's not entirely clear what should happen in
the case where memory was leaked (error packet received containing
e_data) so pick a conservative option.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22303 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak by reorganizing krb5_principal_internalize to use
Greg Hudson [Fri, 1 May 2009 20:19:43 +0000 (20:19 +0000)]
Fix a memory leak by reorganizing krb5_principal_internalize to use
the recommended flow control for error handling.  Also initialize the
output parameter so that it is set in case of error.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22302 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCheck return value of ftell() in krb5_ktfileint_find_slot
Greg Hudson [Fri, 1 May 2009 20:11:01 +0000 (20:11 +0000)]
Check return value of ftell() in krb5_ktfileint_find_slot

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22301 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMove an error check to an earlier location in krb5_524_conv_principal
Greg Hudson [Fri, 1 May 2009 20:07:13 +0000 (20:07 +0000)]
Move an error check to an earlier location in krb5_524_conv_principal
to fix a memory leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22300 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake depend
Sam Hartman [Thu, 30 Apr 2009 20:48:36 +0000 (20:48 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22299 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement DES and 3DES PRF. Patch fromKAMADA Ken'ichi
Sam Hartman [Thu, 30 Apr 2009 20:17:42 +0000 (20:17 +0000)]
Implement DES and 3DES PRF. Patch fromKAMADA Ken'ichi

Currently the DES and 3DES PRF output 16-byte results.  This is
consistent with RFC 3961, but we need to confirm it is consistent with
Heimdal and WG decisions.  See IETF 74 minutes for some discussion of
the concern as it applies to AES and thus possibly all simplified
profile enctypes.

ticket: 5587
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22298 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_kt_resolve, ensure that the output parameter is set to NULL on
Greg Hudson [Thu, 30 Apr 2009 17:49:28 +0000 (17:49 +0000)]
In krb5_kt_resolve, ensure that the output parameter is set to NULL on
failure even if the underlying resolver doesn't do that properly.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22297 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn ktfile_common_resolve, set the output pointer to NULL on error, and
Greg Hudson [Thu, 30 Apr 2009 17:28:55 +0000 (17:28 +0000)]
In ktfile_common_resolve, set the output pointer to NULL on error, and
use a cleanup label instead of freeing the same resources in multiple
error handling blocks.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22296 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak by reorganizing krb5_ktf_keytab_internalize to use
Greg Hudson [Thu, 30 Apr 2009 17:16:20 +0000 (17:16 +0000)]
Fix a memory leak by reorganizing krb5_ktf_keytab_internalize to use
the recommended exception-handling flow control.  Eliminate the check
for ktdata being null after resolution because that's not possible.
Add a check for the resolved keytab being of a different type, since
that would result in data structure corruption.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22295 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUninitialized variable may cause unpredictable behavior in kdc_verify_preauth
Zhanna Tsitkov [Thu, 30 Apr 2009 16:27:08 +0000 (16:27 +0000)]
Uninitialized variable may cause unpredictable behavior in kdc_verify_preauth

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22294 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDocument ok_as_delegate in the admin guide
Greg Hudson [Thu, 30 Apr 2009 15:08:50 +0000 (15:08 +0000)]
Document ok_as_delegate in the admin guide

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22293 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDo not return PREAUTH_FAILED on unknown preauth
Sam Hartman [Thu, 30 Apr 2009 00:38:48 +0000 (00:38 +0000)]
Do not return PREAUTH_FAILED on unknown preauth

If the KDC receives unknown pre-authentication data then ignore it.
Do not get into a case where PREAUTH_FAILED is returned because of
unknown pre-authentication.  The main AS loop will cause
PREAUTH_REQUIRED to be returned if the preauth_required flag is set
and no valid preauth is found.

ticket: 6480
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22292 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd DEBUG_ERROR_LOCATIONS support
Greg Hudson [Wed, 29 Apr 2009 23:21:21 +0000 (23:21 +0000)]
Add DEBUG_ERROR_LOCATIONS support

If DEBUG_ERROR_LOCATIONS is defined, replace uses of
krb5_set_error_message and krb5int_set_error with calls to the new
_fl variants of those functions, and include filename and line number
information in the calls.  Requires C99-style variadic macros if
defined.

ticket: 6479

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22291 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix typo in error message reported by Marek Mahut (Red Hat)
Tom Yu [Wed, 29 Apr 2009 00:31:50 +0000 (00:31 +0000)]
Fix typo in error message reported by Marek Mahut (Red Hat)

ticket: 6472
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22290 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix handling of RET_SEQUENCE flag in mk_priv/mk_ncred
Greg Hudson [Tue, 28 Apr 2009 18:00:13 +0000 (18:00 +0000)]
Fix handling of RET_SEQUENCE flag in mk_priv/mk_ncred

Regularize the handling of KRB5_AUTH_CONTEXT_RET_SEQUENCE in
krb5_mk_safe, krb5_mk_priv, and krb5_mk_ncred, using krb5_mk_safe as
a baseline.  RET_SEQUENCE now implies DO_SEQUENCE for all three
functions, the sequence number is always incremented if it is used,
and outdata->seq is always set if RET_SEQUENCE is passed.

Note that in the corresponding rd_ functions, RET_SEQUENCE and
DO_SEQUENCE are independent flags, which is not consistent with the
above.  This compromise is intended to preserve compatibility with
any working code which might exist using the RET_SEQUENCE flag.

ticket: 6478

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22288 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix typo
Greg Hudson [Tue, 28 Apr 2009 17:54:13 +0000 (17:54 +0000)]
Fix typo

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22287 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a couple of memory leaks in krb5int_sendto, reworking the error
Greg Hudson [Tue, 28 Apr 2009 15:45:31 +0000 (15:45 +0000)]
Fix a couple of memory leaks in krb5int_sendto, reworking the error
handling a bit for cleanliness in the process.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22286 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in aname_replacer using the recommended flow control
Greg Hudson [Tue, 28 Apr 2009 04:46:10 +0000 (04:46 +0000)]
Fix a memory leak in aname_replacer using the recommended flow control
for exception handling.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22285 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in module_locate_server
Greg Hudson [Tue, 28 Apr 2009 04:30:03 +0000 (04:30 +0000)]
Fix a memory leak in module_locate_server

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22284 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a few memory leaks in krb5_mk_ncred. Also tighten up the error
Greg Hudson [Mon, 27 Apr 2009 23:48:22 +0000 (23:48 +0000)]
Fix a few memory leaks in krb5_mk_ncred.  Also tighten up the error
handling of the sequence number, only decreasing it if it was
increased.  The handling of DO_SEQUENCE and RET_SEQUENCE may still be
flawed in some cases.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22283 dc483132-0cff-0310-8789-dd5450dbe970