krb5.git
14 years agopull up r23912 from trunk
Tom Yu [Tue, 20 Apr 2010 22:37:22 +0000 (22:37 +0000)]
pull up r23912 from trunk

 ------------------------------------------------------------------------
 r23912 | tlyu | 2010-04-20 17:12:10 -0400 (Tue, 20 Apr 2010) | 11 lines

 ticket: 6702
 target_version: 1.8.2
 tags: pullup

 Fix CVE-2010-1230 (MITKRB5-SA-2010-004) double-free in KDC triggered
 by ticket renewal.  Add a test case.

 See also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577490

 Thanks to Joel Johnson and Brian Almeida for the reports.

ticket: 6702
version_fixed: 1.8.2
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23914 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8.1-postrelease
Tom Yu [Thu, 8 Apr 2010 20:35:03 +0000 (20:35 +0000)]
krb5-1.8.1-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23880 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel.h for krb5-1.8.1 final
Tom Yu [Thu, 8 Apr 2010 20:33:32 +0000 (20:33 +0000)]
README and patchlevel.h for krb5-1.8.1 final

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23878 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8.1-beta2-postrelease
Tom Yu [Tue, 30 Mar 2010 01:54:21 +0000 (01:54 +0000)]
krb5-1.8.1-beta2-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23849 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel for krb5-1.8.1-beta2
Tom Yu [Tue, 30 Mar 2010 01:52:51 +0000 (01:52 +0000)]
README and patchlevel for krb5-1.8.1-beta2

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23847 dc483132-0cff-0310-8789-dd5450dbe970

14 years agomake depend
Tom Yu [Tue, 30 Mar 2010 01:51:11 +0000 (01:51 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23846 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23844 from trunk
Tom Yu [Tue, 30 Mar 2010 01:51:04 +0000 (01:51 +0000)]
pull up r23844 from trunk

 ------------------------------------------------------------------------
 r23844 | ghudson | 2010-03-29 18:08:21 -0400 (Mon, 29 Mar 2010) | 9 lines

 ticket: 6693
 subject: Fix backwards flag output in krb5_init_creds_step()
 tags: pullup
 target_version: 1.8.1

 krb5_init_creds_step() is taken from Heimdal, which sets *flags to 1
 for "continue" and 0 for "stop".  Unfortunately, we got it backwards
 in 1.8; fix it for 1.8.1.

ticket: 6693
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23845 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8.1-beta1-postrelease
Tom Yu [Sun, 28 Mar 2010 23:00:08 +0000 (23:00 +0000)]
krb5-1.8.1-beta1-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23841 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel for krb5-1.8.1-beta1
Tom Yu [Sun, 28 Mar 2010 22:47:01 +0000 (22:47 +0000)]
README and patchlevel for krb5-1.8.1-beta1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23839 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23834 from trunk
Tom Yu [Tue, 23 Mar 2010 22:31:00 +0000 (22:31 +0000)]
pull up r23834 from trunk

 ------------------------------------------------------------------------
 r23834 | tlyu | 2010-03-23 15:00:13 -0700 (Tue, 23 Mar 2010) | 7 lines

 ticket: 6678
 target_version: 1.8.1
 tags: pullup

 Apply patch from Arlene Berry to not use freed memory in
 gss_import_sec_context in some error paths.

ticket: 6678
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23835 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23832 from trunk
Tom Yu [Tue, 23 Mar 2010 19:08:53 +0000 (19:08 +0000)]
pull up r23832 from trunk

 ------------------------------------------------------------------------
 r23832 | tlyu | 2010-03-23 11:53:52 -0700 (Tue, 23 Mar 2010) | 8 lines

 ticket: 6690
 target_version: 1.8.1
 tags: pullup
 subject: MITKRB5-SA-2010-002 CVE-2010-0628 denial of service in SPNEGO

 The SPNEGO implementation in krb5-1.7 and later could crash due to
 assertion failure when receiving some sorts of invalid GSS-API tokens.

ticket: 6690
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23833 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23829 from trunk
Tom Yu [Tue, 23 Mar 2010 07:21:04 +0000 (07:21 +0000)]
pull up r23829 from trunk

 ------------------------------------------------------------------------
 r23829 | tlyu | 2010-03-22 23:09:02 -0700 (Mon, 22 Mar 2010) | 10 lines

 ticket: 6689
 target_version: 1.8.1
 tags: pullup
 subject: krb5_typed_data not castable to krb5_pa_data on 64-bit MacOSX

 Move krb5_typed_data to krb5.hin from k5-int-pkinit.h because
 krb5int_fast_process_error was assuming that it was safe to cast it to
 krb5_pa_data.  It's not safe to do the cast on 64-bit MacOSX because
 krb5.hin uses #pragma pack on that platform.

ticket: 6689
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23830 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23821 from trunk
Tom Yu [Tue, 23 Mar 2010 01:58:29 +0000 (01:58 +0000)]
pull up r23821 from trunk

 ------------------------------------------------------------------------
 r23821 | ghudson | 2010-03-19 20:50:06 -0700 (Fri, 19 Mar 2010) | 17 lines

 ticket: 6687
 subject: Change KRB5_AUTHDATA_SIGNTICKET from 142 to 512
 target_version: 1.8.1
 tags: pullup

 KRB5_AUTHDATA_SIGNTICKET, originally a Heimdal authorization data
 type, was used to implement PAC-less constrained delegation in krb5
 1.8.  Unfortunately, it was found that Microsoft was using 142 for
 other purposes, which could result in a ticket issued by an MIT or
 Heimdal KDC being rejected by a Windows Server 2008 R2 application
 server.  Because KRB5_AUTHDATA_SIGNTICKET is only used to communicate
 among a realm's KDCs, it is relatively easy to change the number, so
 MIT and Heimdal are both migrating to a new number.  This change will
 cause a transitional interoperability issue when a realm mixes MIT
 krb5 1.8 (or Heimdal 1.3.1) KDCs with MIT krb5 1.8.1 (or Heimdal
 1.3.2) KDCs, but only for constrained delegation evidence tickets.

ticket: 6687
version_fixed: 1.8.1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23828 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23820 from trunk
Tom Yu [Tue, 23 Mar 2010 01:58:22 +0000 (01:58 +0000)]
pull up r23820 from trunk

 ------------------------------------------------------------------------
 r23820 | ghudson | 2010-03-19 09:17:05 -0700 (Fri, 19 Mar 2010) | 7 lines

 ticket: 6680
 target_version: 1.8.1
 tags: pullup

 Document the ticket_lifetime libdefaults setting (which was added in
 r16656, #2656).  Based on a patch from nalin@redhat.com.

ticket: 6680
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23827 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23819 from trunk
Tom Yu [Tue, 23 Mar 2010 01:58:15 +0000 (01:58 +0000)]
pull up r23819 from trunk

 ------------------------------------------------------------------------
 r23819 | ghudson | 2010-03-18 10:37:31 -0700 (Thu, 18 Mar 2010) | 7 lines

 ticket: 6683
 target_version: 1.8.1
 tags: pullup

 Fix the kpasswd fallback from the ccache principal name to the
 username in the case where the ccache doesn't exist.

ticket: 6683
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23826 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23815 from trunk
Tom Yu [Tue, 23 Mar 2010 01:58:07 +0000 (01:58 +0000)]
pull up r23815 from trunk

 ------------------------------------------------------------------------
 r23815 | ghudson | 2010-03-17 14:10:10 -0700 (Wed, 17 Mar 2010) | 7 lines

 ticket: 6681
 target_version: 1.8.1
 tags: pullup

 When checking for KRB5_GET_INIT_CREDS_OPT_CHG_PWD_PRMPT, don't
 dereference options if it's NULL.

ticket: 6681
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23825 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23810 from trunk
Tom Yu [Tue, 23 Mar 2010 01:58:00 +0000 (01:58 +0000)]
pull up r23810 from trunk

 ------------------------------------------------------------------------
 r23810 | tlyu | 2010-03-16 12:14:33 -0700 (Tue, 16 Mar 2010) | 8 lines

 ticket: 6685
 target_version: 1.8.1
 subject: handle NT_SRV_INST in service principal referrals

 Handle NT_SRV_INST in service principal cross-realm referrals, as
 Windows apparently uses that instead of NT_SRV_HST for at least some
 service principals.

ticket: 6685
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23824 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23766 from trunk
Tom Yu [Mon, 15 Mar 2010 23:50:52 +0000 (23:50 +0000)]
pull up r23766 from trunk

 ------------------------------------------------------------------------
 r23766 | ghudson | 2010-03-05 12:45:46 -0500 (Fri, 05 Mar 2010) | 10 lines

 ticket: 6676
 subject: Ignore improperly encoded signedpath AD elements
 target_version: 1.8.1
 tags: pullup

 We have some reason to believe Microsoft and Heimdal are both using
 the authdata value 142 for different purposes, leading to failures in
 verify_ad_signedpath().  For better interoperability, treat such
 tickets as unsigned, rather than invalid.

ticket: 6676
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23809 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23772 from trunk
Tom Yu [Mon, 15 Mar 2010 23:50:49 +0000 (23:50 +0000)]
pull up r23772 from trunk

 ------------------------------------------------------------------------
 r23772 | ghudson | 2010-03-05 15:35:26 -0500 (Fri, 05 Mar 2010) | 7 lines

 ticket: 6674
 target_version: 1.8.1
 tags: pullup

 Release the internal_name field of a SPNEGO context if it has not been
 claimed for a caller argument.

ticket: 6674
status: resolved
version_fixed: 1.8.1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23808 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23749 from trunk
Tom Yu [Mon, 15 Mar 2010 23:50:46 +0000 (23:50 +0000)]
pull up r23749 from trunk

 ------------------------------------------------------------------------
 r23749 | ghudson | 2010-02-24 13:57:08 -0500 (Wed, 24 Feb 2010) | 9 lines

 ticket: 6668
 subject: Two problems in kadm5_get_principal mask handling
 target_version: 1.8
 tags: pullup

 KADM5_MOD_NAME was being applied to entry->principal instead of
 entry->mod_name.  KADM5_MKVNO was not being applied to entry->mkvno.
 Patch from Marcus Watts <mdw@umich.edu>.

ticket: 6668
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23807 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23767 from trunk
Tom Yu [Mon, 15 Mar 2010 23:50:40 +0000 (23:50 +0000)]
pull up r23767 from trunk

 ------------------------------------------------------------------------
 r23767 | ghudson | 2010-03-05 14:19:42 -0500 (Fri, 05 Mar 2010) | 7 lines

 ticket: 6661
 target_version: 1.8.1
 tags: pullup

 Add IPv6 support to changepw.c (reverting r21004 since it is no longer
 necessary).  Patch from Submit Bose <sbose@redhat.com>.

ticket: 6661
version_fixed: 1.8.1
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23806 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoRevert KRB5_CONF_ macro change intended for trunk
Tom Yu [Wed, 10 Mar 2010 20:33:05 +0000 (20:33 +0000)]
Revert KRB5_CONF_ macro change intended for trunk

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23797 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoUse KRB5_CONF_ macros instead of strings in source for profile config arguments ...
Zhanna Tsitkov [Wed, 10 Mar 2010 15:59:30 +0000 (15:59 +0000)]
Use KRB5_CONF_ macros instead of strings in source for profile config arguments "default" and "logging"

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23795 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8-postrelease
Tom Yu [Tue, 2 Mar 2010 18:21:06 +0000 (18:21 +0000)]
krb5-1.8-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23762 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel.h for krb5-1.8 final
Tom Yu [Tue, 2 Mar 2010 18:13:43 +0000 (18:13 +0000)]
README and patchlevel.h for krb5-1.8 final

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23760 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8-beta2-postrelease
Tom Yu [Thu, 25 Feb 2010 21:28:29 +0000 (21:28 +0000)]
krb5-1.8-beta2-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23755 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel.h for krb5-1.8-beta2
Tom Yu [Thu, 25 Feb 2010 21:28:22 +0000 (21:28 +0000)]
README and patchlevel.h for krb5-1.8-beta2

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23754 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23750 from trunk
Tom Yu [Thu, 25 Feb 2010 20:14:21 +0000 (20:14 +0000)]
pull up r23750 from trunk

 ------------------------------------------------------------------------
 r23750 | tlyu | 2010-02-25 15:09:45 -0500 (Thu, 25 Feb 2010) | 7 lines

 ticket: 6669
 target_version: 1.8
 tags: pullup
 subject: doc updates for allow_weak_crypto

 Update documentation to be more helpful about allow_weak_crypto.

ticket: 6669
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23751 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23742 from trunk
Tom Yu [Tue, 23 Feb 2010 00:25:58 +0000 (00:25 +0000)]
pull up r23742 from trunk

 ------------------------------------------------------------------------
 r23742 | ghudson | 2010-02-21 23:52:30 -0500 (Sun, 21 Feb 2010) | 24 lines

 ticket: 6603
 target_version: 1.8
 tags: pullup

 Fix two unrelated problems in SPNEGO which don't crop up with the krb5
 mechanism.

 1. The third call to spnego_init_accept_context uses faulty logic to
 determine if the exchange is complete, preventing a third mech token
 from being sent to the acceptor if no MIC exchange is required.
 Follow the logic used in the second call (in init_ctx_nego), which is
 correct.

 2. If the acceptor selects a mech other than the optimistic mech, it
 sets sc->mic_reqd to 1 whether or not the selected mech supports MICs
 (which isn't known until the mech completes).  Most code outside of
 handle_mic checks sc->mic_reqd along with (sc->ctx_flags &
 GSS_C_INTEG_FLAG), but the code in acc_ctx_call_acc neglected to do
 so, so it could improperly delegate responsibility for deciding when
 the negotiation was finished to handle_mic--which never gets called if
 (sc->ctx_flags & GSS_C_INTEG_FLAG) is false.  Fix acc_ctx_call_acc to
 check sc->ctx_flags so that mechs which don't support integrity
 protection can complete if they are selected non-optimistically.

ticket: 6603
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23748 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23735 from trunk
Tom Yu [Tue, 23 Feb 2010 00:25:54 +0000 (00:25 +0000)]
pull up r23735 from trunk

 ------------------------------------------------------------------------
 r23735 | ghudson | 2010-02-18 13:49:11 -0500 (Thu, 18 Feb 2010) | 8 lines

 ticket: 6659
 target_version: 1.8
 tags: pullup

 The TGS code was not freeing authdata.  This is an old leak which was
 made more evident in 1.8 by the addition of ad-signedpath authdata
 appearing in most tickets issued through the TGS path.

ticket: 6659
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23747 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23734 from trunk
Tom Yu [Tue, 23 Feb 2010 00:25:51 +0000 (00:25 +0000)]
pull up r23734 from trunk

 ------------------------------------------------------------------------
 r23734 | ghudson | 2010-02-18 13:04:47 -0500 (Thu, 18 Feb 2010) | 17 lines

 ticket: 6665
 subject: Fix cipher state chaining in OpenSSL back end
 target_version: 1.8
 tags: pullup

 Make cipher state chaining work in the OpenSSL back end for des, des3,
 and arcfour enc providers.  Subtleties:

 * DES and DES3 have checks to avoid clobbering ivec with uninitialized
   data if there is no data to encrypt.
 * Arcfour saves the OpenSSL cipher context across calls.  To protect
   against a caller improperly copying the state (which happens to work
   with other enc providers), a loopback pointer is used, as in GSSAPI.
 * EVP_EncryptFinal_ex is unnecessary with stream ciphers and would
   interfere with cipher state chaining if it did anything, so just
   remove it.

ticket: 6665
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23746 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8-beta1-postrelease
Tom Yu [Wed, 17 Feb 2010 03:41:03 +0000 (03:41 +0000)]
krb5-1.8-beta1-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23730 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME and patchlevel.h for krb5-1.8-beta1
Tom Yu [Wed, 17 Feb 2010 03:13:29 +0000 (03:13 +0000)]
README and patchlevel.h for krb5-1.8-beta1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23728 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23726 from trunk
Tom Yu [Tue, 16 Feb 2010 23:01:30 +0000 (23:01 +0000)]
pull up r23726 from trunk

 ------------------------------------------------------------------------
 r23726 | tlyu | 2010-02-16 17:41:27 -0500 (Tue, 16 Feb 2010) | 8 lines

 ticket: 6663
 subject: update mkrel to deal with changed source layout
 target_version: 1.8
 tags: pullup

 Update mkrel so it deals somewhat better with removed src/lib/des425,
 NOTICES, etc.

ticket: 6663
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23727 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23724 from trunk
Tom Yu [Tue, 16 Feb 2010 22:21:08 +0000 (22:21 +0000)]
pull up r23724 from trunk

 ------------------------------------------------------------------------
 r23724 | tlyu | 2010-02-16 17:10:17 -0500 (Tue, 16 Feb 2010) | 10 lines

 ticket: 6662
 subject: MITKRB5-SA-2010-001 CVE-2010-0283 KDC denial of service
 tags: pullup
 target_version: 1.8

 Code introduced in krb5-1.7 can cause an assertion failure if a
 KDC-REQ is internally inconsistent, specifically if the ASN.1 tag
 doesn't match the msg_type field.  Thanks to Emmanuel Bouillon (NATO
 C3 Agency) for discovering and reporting this vulnerability.

ticket: 6662
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23725 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23716 from trunk
Tom Yu [Fri, 12 Feb 2010 20:28:51 +0000 (20:28 +0000)]
pull up r23716 from trunk

 ------------------------------------------------------------------------
 r23716 | ghudson | 2010-02-11 11:07:08 -0500 (Thu, 11 Feb 2010) | 15 lines

 ticket: 6660
 subject: Minimal support for updating history key
 target_version: 1.8
 tags: pullup

 Add minimal support for re-randomizing the history key:

 * cpw -randkey kadmin/history now works, but creates only one key.
 * cpw -randkey -keepold kadmin/history still fails.
 * libkadm5 no longer caches the history key.  Performance impact
   is minimal since password changes are not common.
 * randkey no longer checks the newly randomized key against old keys,
   and the disabled code to do so in setkey/setv4key is gone, so now
   only kadm5_chpass_principal_3 accesses the password history.

------------------------------------------------------------------------

ticket: 6660
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23721 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23715 from trunk
Tom Yu [Fri, 12 Feb 2010 20:28:47 +0000 (20:28 +0000)]
pull up r23715 from trunk

 ------------------------------------------------------------------------
 r23715 | ghudson | 2010-02-10 18:44:18 -0500 (Wed, 10 Feb 2010) | 14 lines

 ticket: 6658
 subject: Implement gss_set_neg_mechs
 target_version: 1.8
 tags: pullup

 Implement gss_set_neg_mechs in SPNEGO by intersecting the provided
 mech set with the mechanisms available in the union credential.  As
 we now need space to hold the mech set, the SPNEGO credential is now
 a structure and not just a mechglue credential.

 t_spnego.c is a test program which exercises the new logic.  Like the
 other GSSAPI tests, it is not run as part of "make check" at this
 time.

ticket: 6658
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23720 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23713 from trunk
Tom Yu [Fri, 12 Feb 2010 20:28:43 +0000 (20:28 +0000)]
pull up r23713 from trunk

 ------------------------------------------------------------------------
 r23713 | hartmans | 2010-02-09 14:15:12 -0500 (Tue, 09 Feb 2010) | 10 lines

 subject: krb5int_fast_free_state segfaults if state is null
 ticket: 6657
 target_version: 1.8
 tags: pullup

 krb5int_fast_free_state fails if state is null.  INstead it should
 simply return Reorganization of the get_init_creds logic has created
 situations where the init_creds loop can fail between the time when
 the context is initialized and the fast state is initialized.

ticket: 6657
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23719 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23712, r23714 from trunk
Tom Yu [Fri, 12 Feb 2010 20:28:39 +0000 (20:28 +0000)]
pull up r23712, r23714 from trunk

 ------------------------------------------------------------------------
 r23714 | ghudson | 2010-02-09 20:55:36 -0500 (Tue, 09 Feb 2010) | 13 lines

 ticket: 6656

 Followon fixes to r23712:
 * A few formatting fixes.
 * Fix unlikely leak in kdc_handle_protected_negotiation: if
   add_pa_data_element with copy == FALSE fails, it's still the
   caller's responsibility to free pa.contents.
 * Fix pre-existing (since r23465) leak of reply_encpart.enc_padata in
   process_as_req.
 * Call add_pa_data_element with copy == TRUE in
   return_referral_enc_padata since we are passing memory owned by the
   database entry.

 ------------------------------------------------------------------------
 r23712 | hartmans | 2010-02-09 14:15:07 -0500 (Tue, 09 Feb 2010) | 14 lines

 subject: enc_padata can include empty sequence
 ticket: 6656
 target_version: 1.8
 tags: pullup

 There are two issues with return_enc_padata.
 1)  It often will return an empty sequence of enc_padata rather than not including the field
 2) FAST negotiation is double supported in the referral tgs path and not supported in the non-referral path

 Rewrite the return_enc_padata logic to:

 * Split  out referral interactions with kdb into its own function
 * Use add_pa_data_element

ticket: 6656
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23718 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23677 from trunk
Tom Yu [Mon, 8 Feb 2010 21:22:18 +0000 (21:22 +0000)]
pull up r23677 from trunk

 ------------------------------------------------------------------------
 r23677 | ghudson | 2010-01-28 20:22:17 -0500 (Thu, 28 Jan 2010) | 14 lines

 ticket: 6652
 subject: Make decryption of master key list more robust
 target_version: 1.8
 tags: pullup

 krb5_def_fetch_mkey_list was incorrectly filtering mkey_aux entries
 when searching the list for an entry which can be decrypted with the
 stashed master key.  This bug was masked in most cases by the mkvno
 heuristic.

 Remove the mkvno heuristic, since performance is not an issue for this
 rarely-performed operation, and remove the incorrect enctype
 comparison in the brute-force search.

ticket: 6652
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23711 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23699 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:48 +0000 (20:55 +0000)]
pull up r23699 from trunk

 ------------------------------------------------------------------------
 r23699 | ghudson | 2010-02-05 16:46:35 -0500 (Fri, 05 Feb 2010) | 10 lines

 ticket: 6643
 target_version: 1.8
 tags: pullup

 Consistently place $(LDFLAGS) after $(SHLIB_EXPFLAGS) when building
 shared libraries.  Previously we sometimes failing to use $(LDFLAGS)
 at all, and at other times were putting it before $(SHLIB_EXPFLAGS)
 where it could pick up tree-internal libraries from outside the build
 tree.

ticket: 6643
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23710 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23698 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:46 +0000 (20:55 +0000)]
pull up r23698 from trunk

 ------------------------------------------------------------------------
 r23698 | tlyu | 2010-02-05 15:52:42 -0500 (Fri, 05 Feb 2010) | 8 lines

 ticket: 6601
 tags: pullup
 target_version: 1.8

 Apply patch from Arlene Berry to handle the case where a mechanism
 implements set_cred_option but does not implement the requested
 option.

ticket: 6601
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23709 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23697 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:43 +0000 (20:55 +0000)]
pull up r23697 from trunk

 ------------------------------------------------------------------------
 r23697 | ghudson | 2010-02-04 22:43:54 -0500 (Thu, 04 Feb 2010) | 12 lines

 ticket: 6655
 subject: Fix cross-realm handling of AD-SIGNEDPATH
 target_version: 1.8
 tags: pullup

 Avoid setting AD-SIGNEDPATH when returning a cross-realm TGT.
 Previously we were avoiding it when answering a cross-realm client,
 which was wrong.

 Don't fail out on an invalid AD-SIGNEDPATH checksum; just don't trust
 the ticket for S4U2Proxy (as if AD-SIGNEDPATH weren't present).

ticket: 6655
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23708 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23696 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:39 +0000 (20:55 +0000)]
pull up r23696 from trunk

 ------------------------------------------------------------------------
 r23696 | tlyu | 2010-02-04 22:25:49 -0500 (Thu, 04 Feb 2010) | 7 lines

 ticket: 6600
 tags: pullup
 target_version: 1.8

 Apply patch from Arlene Berry to avoid segfault if a mech
 gss_inquire_context returns GSS_C_NO_NAME for the target name.

ticket: 6600
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23707 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23695 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:36 +0000 (20:55 +0000)]
pull up r23695 from trunk

 ------------------------------------------------------------------------
 r23695 | tlyu | 2010-02-04 22:05:42 -0500 (Thu, 04 Feb 2010) | 8 lines

 ticket: 6598
 tags: pullup
 target_version: 1.8

 Apply patch from Arlene Berry to return a comparable static OID object
 instead of the application-passed (probably dynamically allocated)
 OID, to avoid use-after-free problems.

ticket: 6598
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23706 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23694 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:34 +0000 (20:55 +0000)]
pull up r23694 from trunk

 ------------------------------------------------------------------------
 r23694 | ghudson | 2010-02-03 14:55:05 -0500 (Wed, 03 Feb 2010) | 7 lines

 ticket: 6654
 subject: Fix greet_server build
 target_version: 1.8
 tags: pullup

 Fix the export list for the greet_server plugin.

ticket: 6654
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23705 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23681 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:31 +0000 (20:55 +0000)]
pull up r23681 from trunk

 ------------------------------------------------------------------------
 r23681 | tlyu | 2010-02-01 16:48:19 -0500 (Mon, 01 Feb 2010) | 15 lines

 ticket: 6653
 subject: set_default_enctype_var should filter not reject weak enctypes
 tags: pullup
 target_version: 1.8

 With allow_weak_crypto=false, set_default_enctype_var() (helper
 function for krb5_set_default_tgs_enctypes(), etc.) was rejecting any
 application-provided enctype list that contained any weak enctype even
 when valid strong enctypes were present.  This broke some Samba
 things.  Filter the weak enctypes instead.  Add test cases.

 Reported to Debian by Holger Isenberg. (Debian bug #566977)
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=566977
 Thanks to Simo Sorce for testing.

ticket: 6653
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23704 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23676, r23679 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:27 +0000 (20:55 +0000)]
pull up r23676, r23679 from trunk

 ------------------------------------------------------------------------
 r23679 | ghudson | 2010-01-31 16:04:48 -0500 (Sun, 31 Jan 2010) | 4 lines

 ticket: 6650

 Fix minor error-handling bug in r23676.

 ------------------------------------------------------------------------
 r23676 | ghudson | 2010-01-28 16:39:31 -0500 (Thu, 28 Jan 2010) | 17 lines

 ticket: 6650
 subject: Handle migration from pre-1.7 databases with master key kvno != 1
 target_version: 1.7.1
 tags: pullup

 krb5_dbe_lookup_mkvno assumes an mkvno of 1 for entries with no
 explicit tl_data.  We've seen at least one pre-1.7 KDB with a master
 kvno of 0, violating this assumption.  Fix this as follows:

 * krb5_dbe_lookup_mkvno outputs 0 instead of 1 if no tl_data exists.
 * A new function krb5_dbe_get_mkvno translates this 0 value to the
   minimum version number in the mkey_list.  (krb5_dbe_lookup_mkvno
   cannot do this as it doesn't take the mkey_list as a parameter.)
 * Call sites to krb5_dbe_lookup_mkvno are converted to
   krb5_dbe_get_mkvno, except for an LDAP case where it is acceptable
   to store 0 if the mkvno is unknown.

ticket: 6651
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23703 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23674, r23675 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:22 +0000 (20:55 +0000)]
pull up r23674, r23675 from trunk

 ------------------------------------------------------------------------
 r23675 | ghudson | 2010-01-27 17:17:12 -0500 (Wed, 27 Jan 2010) | 4 lines

 ticket: 6649

 Update the LDAP dependencies for r23674.

 ------------------------------------------------------------------------
 r23674 | ghudson | 2010-01-26 22:52:52 -0500 (Tue, 26 Jan 2010) | 10 lines

 ticket: 6649
 subject: Get rid of kdb_ext.h and allow out-of-tree KDB plugins
 target_version: 1.8
 tags: pullup

 Move the contents of kdb_ext.h into kdb.h, since there is no meaningful
 "extensions" category of DB interfaces now that this stuff is in our
 tree.  Allows out-of-tree KDB plugins to be built since we install
 kdb.h.

ticket: 6649
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23702 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23673 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:17 +0000 (20:55 +0000)]
pull up r23673 from trunk

 ------------------------------------------------------------------------
 r23673 | tlyu | 2010-01-26 17:55:07 -0500 (Tue, 26 Jan 2010) | 9 lines

 ticket: 6648
 target_version: 1.8
 tags: pullup
 subject: define MIN() in lib/gssapi/krb5/prf.c

 Apply patch from Doug Engert to define MIN(), which was causing prf.c
 to fail compilation on Solaris.  (The definition was probably leaking
 from sys/param.h, included indirectly somehow.)

ticket: 6648
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23701 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23672 from trunk
Tom Yu [Mon, 8 Feb 2010 20:55:12 +0000 (20:55 +0000)]
pull up r23672 from trunk

 ------------------------------------------------------------------------
 r23672 | tlyu | 2010-01-26 13:43:29 -0500 (Tue, 26 Jan 2010) | 6 lines

 ticket: 6599
 target_version: 1.8
 tags: pullup

 Apply patch from Arlene Berry to plug a memory leak.

ticket: 6599
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23700 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23663 from trunk
Tom Yu [Thu, 21 Jan 2010 22:49:07 +0000 (22:49 +0000)]
pull up r23663 from trunk

 ------------------------------------------------------------------------
 r23663 | ghudson | 2010-01-19 18:35:39 -0500 (Tue, 19 Jan 2010) | 9 lines

 ticket: 6645
 subject: Add krb5_allow_weak_crypto API
 target_version: 1.8
 tags: pullup

 Add an API to allow apps to override the profile setting of
 allow_weak_crypto, so that aklog can work with krb5 1.8 out of the box
 until OpenAFS finishes migrating away from DES.

ticket: 6645
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23665 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23662 from trunk
Tom Yu [Thu, 21 Jan 2010 22:49:01 +0000 (22:49 +0000)]
pull up r23662 from trunk

 ------------------------------------------------------------------------
 r23662 | ghudson | 2010-01-19 13:44:57 -0500 (Tue, 19 Jan 2010) | 3 lines

 ticket: 6644
 subject: Change basename of libkadm5 libraries to avoid Heimdal conflict

ticket: 6644
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23664 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoAdd test program for decryption of overly short buffers
Tom Yu [Thu, 14 Jan 2010 19:27:33 +0000 (19:27 +0000)]
Add test program for decryption of overly short buffers

Pull up r23652 from trunk.

Test case for integer underflow in AES and RC4 decryption.
[MITKRB5-SA-2009-004, CVE-2009-4212] krb5-1.8 branch isn't vulnerable,
but include this test anyway.

 ------------------------------------------------------------------------
 r23652 | ghudson | 2010-01-12 16:59:58 -0500 (Tue, 12 Jan 2010) | 2 lines

 Add test program for decryption of overly short buffers.

ticket: 6642
target_version: 1.8
version_fixed: 1.8
tags: pullup
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23660 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23657 from trunk
Tom Yu [Thu, 14 Jan 2010 18:51:13 +0000 (18:51 +0000)]
pull up r23657 from trunk

 ------------------------------------------------------------------------
 r23657 | ghudson | 2010-01-14 11:09:24 -0500 (Thu, 14 Jan 2010) | 9 lines

 ticket: 6640
 subject: Make history key exempt from permitted_enctypes
 tags: pullup
 target_version: 1.8

 In kdb_init_hist, just use the first key entry in the kadmin/history
 entry.  This makes the history key work even if the enctype is
 disallowed by allow_weak_crypto=false or other configuration.

ticket: 6640
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23659 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23607 from trunk
Tom Yu [Thu, 14 Jan 2010 18:51:09 +0000 (18:51 +0000)]
pull up r23607 from trunk

 ------------------------------------------------------------------------
 r23607 | ghudson | 2010-01-07 15:57:02 -0500 (Thu, 07 Jan 2010) | 7 lines

 ticket: 6546
 status: open

 When retrieving the kadmin/history key, accept any enctype, as the
 current master key enctype may not match the one the KDB was created
 with.

ticket: 6546
status: resolved
version_fixed: 1.8

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23658 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23628 from trunk
Tom Yu [Tue, 12 Jan 2010 05:03:49 +0000 (05:03 +0000)]
pull up r23628 from trunk

 ------------------------------------------------------------------------
 r23628 | ghudson | 2010-01-11 20:05:37 -0500 (Mon, 11 Jan 2010) | 9 lines

 ticket: 6632
 subject: Simplify and fix FAST check for keyed checksum type
 target_version: 1.8
 tags: pullup

 Use krb5_c_is_keyed_checksum to detect unkeyed checksums when handling
 FAST requests.  The old check was broken for 1.8 because
 krb5_c_verify_checksum got pickier about invalid keyblocks.

ticket: 6632
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23649 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23629 from trunk
Tom Yu [Tue, 12 Jan 2010 05:03:44 +0000 (05:03 +0000)]
pull up r23629 from trunk

 ------------------------------------------------------------------------
 r23629 | ghudson | 2010-01-11 20:07:48 -0500 (Mon, 11 Jan 2010) | 9 lines

 ticket: 6633
 subject: Use keyed checksum type for DES FAST
 target_version: 1.7
 tags: pullup

 DES enctypes have unkeyed mandatory-to-implement checksums.  Since
 FAST requires a keyed checksum, we must pick something else in that
 case.

ticket: 6633
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23648 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23622 from trunk
Tom Yu [Mon, 11 Jan 2010 21:44:18 +0000 (21:44 +0000)]
pull up r23622 from trunk

 ------------------------------------------------------------------------
 r23622 | epeisach | 2010-01-09 11:02:13 -0500 (Sat, 09 Jan 2010) | 8 lines

 subject: krb5int_pbkdf2_hmac_sha1 fails to set enctype on keyblock
 ticket: 6630
 tags: pullup

 krb5int_pbkdf2_hmac_sha1 fails to set enctype on a termporary keyblock
 - resulting in valgrind picking up on a conditional branch w/ unset
 value. Initialize value.

ticket: 6630
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23627 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23608 from trunk
Tom Yu [Mon, 11 Jan 2010 21:44:13 +0000 (21:44 +0000)]
pull up r23608 from trunk

 ------------------------------------------------------------------------
 r23608 | epeisach | 2010-01-07 20:51:19 -0500 (Thu, 07 Jan 2010) | 23 lines

 subject: krb5int_derive_key results in cache with uninitialized values

 krb5int_derive_key creates a temporary keyblock to add to the derived cache.
 krb5_k_free_key will iterate over the derived keys and for ones with cache will
 lookup the enctype for the key_cleanup handler.

 Unfortunatly, there isn't a keyblock init function that does not allocate the
 keyblock - as I suspect this problem will appear in other places.

 The valgrind log of this problem is:

 ==7281== Conditional jump or move depends on uninitialised value(s)
 ==7281==    at 0x40E9AE8: find_enctype (etypes.h:81)
 ==7281==    by 0x40E9C96: krb5_k_free_key (key.c:91)
 ==7281==    by 0x40E9C52: krb5_k_free_key (key.c:86)
 ==7281==    by 0x40EBB00: krb5_c_prf (prf.c:87)
 ==7281==    by 0x40E7B1B: prf_plus (cf2.c:77)
 ==7281==    by 0x40E7CE6: krb5_c_fx_cf2_simple (cf2.c:125)
 ==7281==    by 0x804899C: main (t_cf2.c:70)
 ==7281==

 with memory leaks.

ticket: 6629
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23626 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23612 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:18 +0000 (23:43 +0000)]
pull up r23612 from trunk

 ------------------------------------------------------------------------
 r23612 | epeisach | 2010-01-08 09:54:04 -0500 (Fri, 08 Jan 2010) | 7 lines

 ticket: 6628
 subject: krb5int_dk_string_to_key fails to set enctype
 tags: pullup

 Failure to set the enctype before invoking krb5_k_create_key results in
 potential memory leak.

ticket: 6628
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23621 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23611 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:15 +0000 (23:43 +0000)]
pull up r23611 from trunk

 ------------------------------------------------------------------------
 r23611 | epeisach | 2010-01-07 22:43:37 -0500 (Thu, 07 Jan 2010) | 7 lines

 subject: Set enctype in crypto_tests to prevent memory leaks
 ticket: 6627
 tags: pullup

 The key caching is causing memory leaks if enctype is not set as the
 enctype specific cleanup handlers are not called.

ticket: 6627
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23620 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23610 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:12 +0000 (23:43 +0000)]
pull up r23610 from trunk

 ------------------------------------------------------------------------
 r23610 | ghudson | 2010-01-07 21:43:21 -0500 (Thu, 07 Jan 2010) | 10 lines

 ticket: 6626
 subject: Restore interoperability with 1.6 addprinc -randkey
 tags: pullup
 target_version: 1.8

 The arcfour string-to-key operation in krb5 1.7 (or later) disagrees
 with the dummy password used by the addprinc -randkey operation in
 krb5 1.6's kadmin client, because it's not valid UTF-8.  Recognize the
 1.6 dummy password and use a random password instead.

ticket: 6626
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23619 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23609 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:09 +0000 (23:43 +0000)]
pull up r23609 from trunk

 ------------------------------------------------------------------------
 r23609 | epeisach | 2010-01-07 21:12:24 -0500 (Thu, 07 Jan 2010) | 23 lines

 subject: yarrow code does not initialize keyblock enctype and uses unitialized value
 ticket: 6625
 tags: pullup

 The yarrow code uses a keyblock that is partially initialized. This results
 in krb5_k_free_key trying to look up the enctype to call the free handler.

 One of the valgrind reports: (there are several paths)

 ==26701== Conditional jump or move depends on uninitialised value(s)
 ==26701==    at 0x40E9AF0: find_enctype (etypes.h:81)
 ==26701==    by 0x40E9C9E: krb5_k_free_key (key.c:91)
 ==26701==    by 0x40D641A: krb5int_yarrow_cipher_init (ycipher.c:49)
 ==26701==    by 0x40D593A: yarrow_gate_locked (yarrow.c:578)
 ==26701==    by 0x40D5349: krb5int_yarrow_output_Block (yarrow.c:423)
 ==26701==    by 0x40D581B: yarrow_output_locked (yarrow.c:553)
 ==26701==    by 0x40D5667: krb5int_yarrow_output (yarrow.c:513)
 ==26701==    by 0x40EBD2D: krb5_c_random_make_octets (prng.c:112)
 ==26701==    by 0x40D4119: krb5int_old_encrypt (old_aead.c:97)
 ==26701==    by 0x40E9696: krb5_k_encrypt_iov (encrypt_iov.c:42)
 ==26701==    by 0x8049554: main (t_encrypt.c:206)
 ==26701==

ticket: 6625
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23618 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23602, r23604, r23605 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:05 +0000 (23:43 +0000)]
pull up r23602, r23604, r23605 from trunk

 ------------------------------------------------------------------------
 r23605 | hartmans | 2010-01-07 13:35:15 -0500 (Thu, 07 Jan 2010) | 4 lines

 ticket: 6624

 Revert change to Makefile.in that ended up not being needed

 ------------------------------------------------------------------------
 r23604 | hartmans | 2010-01-07 13:32:20 -0500 (Thu, 07 Jan 2010) | 10 lines

 Subject: automated tests for anonymous pkinit
 ticket: 6624
 target_version: 1.8
 tags: pullup

 Implement tests for anonymous pkinit.  A certificate and private key
 are checked in; these tests will stop working in 2023.

 Note that r23602 needs to be pulled up before this ticket.

 ------------------------------------------------------------------------
 r23602 | ghudson | 2010-01-07 12:26:58 -0500 (Thu, 07 Jan 2010) | 4 lines

 Make preauth_module_dir override, rather than supplement, the
 built-in path list, to avoid problems with running the same preauth
 module twice.

ticket: 6624
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23617 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23603 from trunk
Tom Yu [Fri, 8 Jan 2010 23:43:02 +0000 (23:43 +0000)]
pull up r23603 from trunk

 ------------------------------------------------------------------------
 r23603 | hartmans | 2010-01-07 13:32:15 -0500 (Thu, 07 Jan 2010) | 7 lines

 subject: Always treat anonymous as preauth required
 ticket: 6623
 target_version: 1.8
 tags: pullup

 Always treat the WELLKNOWN/ANONYMOUS principal as requiring pre-authentication.  The anonymous draft depends on a pre-auth exchange to invoke pkinit.

ticket: 6623
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23616 dc483132-0cff-0310-8789-dd5450dbe970

14 years agopull up r23597, r23599 from trunk
Tom Yu [Fri, 8 Jan 2010 23:42:59 +0000 (23:42 +0000)]
pull up r23597, r23599 from trunk

 ------------------------------------------------------------------------
 r23599 | ghudson | 2010-01-06 18:44:04 -0500 (Wed, 06 Jan 2010) | 4 lines

 Make krb5_dbe_def_search_enctype more consistent about when it returns
 KRB5_KDB_NO_PERMITTED_KEY.  Now it will return that error if it sees
 any non-permitted enctypes which match the search criteria.

 ------------------------------------------------------------------------
 r23597 | ghudson | 2010-01-06 18:14:14 -0500 (Wed, 06 Jan 2010) | 8 lines

 ticket: 6622
 target_version: 1.8
 tags: pullup

 Don't return KRB5_KDB_NO_PERMITTED_KEY from
 krb5_dbe_def_search_enctype if we previously returned results (i.e. if
 *start > 0).

ticket: 6622
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23615 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5-1.8-alpha1-postrelease
Tom Yu [Wed, 6 Jan 2010 23:11:52 +0000 (23:11 +0000)]
krb5-1.8-alpha1-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23596 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME, patchlevel, etc. for krb5-1.8-alpha1
Tom Yu [Wed, 6 Jan 2010 22:58:45 +0000 (22:58 +0000)]
README, patchlevel, etc. for krb5-1.8-alpha1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23594 dc483132-0cff-0310-8789-dd5450dbe970

14 years agobranch for krb5-1.8
Tom Yu [Tue, 5 Jan 2010 04:38:21 +0000 (04:38 +0000)]
branch for krb5-1.8

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23588 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoREADME, copyright, patchlevel for krb5-1.8 branch
Tom Yu [Tue, 5 Jan 2010 04:37:07 +0000 (04:37 +0000)]
README, copyright, patchlevel for krb5-1.8 branch

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23587 dc483132-0cff-0310-8789-dd5450dbe970

14 years agodisable weak crypto by default
Tom Yu [Tue, 5 Jan 2010 02:47:58 +0000 (02:47 +0000)]
disable weak crypto by default

Set allow_weak_crypto=false by default.  Set default master key
enctype to sha256.  Adjust test suite to compensate.

ticket: 6621

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23586 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoInstall encrypted_challenge plugin during fake-install
Tom Yu [Mon, 4 Jan 2010 21:45:23 +0000 (21:45 +0000)]
Install encrypted_challenge plugin during fake-install

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23585 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoAdd preauth_module_dir support to the KDC preauth module loader
Greg Hudson [Mon, 4 Jan 2010 21:22:00 +0000 (21:22 +0000)]
Add preauth_module_dir support to the KDC preauth module loader
(should have been part of r23531).  Most or all of this logic should
be moved into the plugin code or a layer above it, after the branch.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23584 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoAnonymous documentation
Sam Hartman [Mon, 4 Jan 2010 19:59:25 +0000 (19:59 +0000)]
Anonymous documentation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23583 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoOther changes in this ticket guarantee that the padata argument to
Sam Hartman [Mon, 4 Jan 2010 19:59:20 +0000 (19:59 +0000)]
Other changes in this ticket guarantee that the padata argument to
return callbacks is non-null; don't check for null in pkinit_srv.c.

ticket: 6607

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23582 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoBring back krb5_kt_free_entry which really does the same thing as
Sam Hartman [Mon, 4 Jan 2010 19:59:16 +0000 (19:59 +0000)]
Bring back krb5_kt_free_entry which really does the same thing as
krb5_free_keytab_entry_contents per discussion on krbdev in order to
avoid breaking samba builds.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23581 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoTest FAST authentication during each pass
Sam Hartman [Mon, 4 Jan 2010 19:59:12 +0000 (19:59 +0000)]
Test FAST authentication during each pass

Because a new principal is added to the database, the iprop test
expected output is updated.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23580 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoFix documentation of armor cache based on fast negotiation project
Sam Hartman [Mon, 4 Jan 2010 19:59:03 +0000 (19:59 +0000)]
Fix documentation of armor cache based on fast negotiation project

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23579 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokdc_supported_enctypes does nothing; eradicate mentions thereof
Tom Yu [Mon, 4 Jan 2010 19:34:33 +0000 (19:34 +0000)]
kdc_supported_enctypes does nothing; eradicate mentions thereof

kdc_supported_enctypes does nothing.  Remove all mention of it from
documentation and test suites.

ticket: 6620

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23578 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoDon't accept AS replies encrypted in enctypes other than the ones we
Greg Hudson [Mon, 4 Jan 2010 17:00:23 +0000 (17:00 +0000)]
Don't accept AS replies encrypted in enctypes other than the ones we
asked for.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23577 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoFor the better code modularity keep some "free" routines closer to the resource alloc...
Zhanna Tsitkov [Mon, 4 Jan 2010 06:22:41 +0000 (06:22 +0000)]
For the better code modularity keep some "free" routines closer to the resource allocators. Also, reindent cleanup in the touched files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23576 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoUpdate dependencies
Ken Raeburn [Sun, 3 Jan 2010 23:41:49 +0000 (23:41 +0000)]
Update dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoEnable caching of key-derived context info such as key schedules from
Ken Raeburn [Sun, 3 Jan 2010 23:39:12 +0000 (23:39 +0000)]
Enable caching of key-derived context info such as key schedules from
one encryption operation to another.  Use a new function in the
enc_provider structure for cleanup.  Implement caching of aes_ctx
values.

Using Greg's performance tests from the derived-key caching work, on a
2.8GHz Xeon, I see 1 million AES-128 encryptions of 16 bytes improved
by 5-6%; encryptions of 1024 bytes and checksums are not significantly
affected.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23574 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoFix a case where krb5int_aes_decrypt was trying to encrypt a block
Greg Hudson [Sun, 3 Jan 2010 23:12:19 +0000 (23:12 +0000)]
Fix a case where krb5int_aes_decrypt was trying to encrypt a block
instead of decrypting it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23573 dc483132-0cff-0310-8789-dd5450dbe970

14 years agokrb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULL
Ezra Peisach [Sun, 3 Jan 2010 15:14:51 +0000 (15:14 +0000)]
krb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULL

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23572 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoInitialize variables in case of error path winds up freeing stack garbage
Ezra Peisach [Sun, 3 Jan 2010 14:27:02 +0000 (14:27 +0000)]
Initialize variables in case of error path winds up freeing stack garbage

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23571 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoIgnore some routing messages indicating changes that don't affect our
Ken Raeburn [Sun, 3 Jan 2010 03:00:24 +0000 (03:00 +0000)]
Ignore some routing messages indicating changes that don't affect our
set of local addresses.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23570 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoRemove old 'full' arg to KDC that should've gone away with '-4'
Ken Raeburn [Sun, 3 Jan 2010 03:00:19 +0000 (03:00 +0000)]
Remove old 'full' arg to KDC that should've gone away with '-4'

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23569 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoSome unsigned/signed warning cleanup
Ezra Peisach [Sun, 3 Jan 2010 00:19:53 +0000 (00:19 +0000)]
Some unsigned/signed warning cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23568 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoUse krb5int_count_etypes in rd_req_decoded_opt
Greg Hudson [Sat, 2 Jan 2010 02:35:40 +0000 (02:35 +0000)]
Use krb5int_count_etypes in rd_req_decoded_opt

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23567 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoTest -P options to kdc and kadmind to write out a pid file. Verify contents of
Ezra Peisach [Sat, 2 Jan 2010 02:16:23 +0000 (02:16 +0000)]
Test -P options to kdc and kadmind to write out a pid file. Verify contents of
pid file match pid of executable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23566 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoFactor out copying and counting of zero-terminated enctype lists into
Greg Hudson [Fri, 1 Jan 2010 23:20:56 +0000 (23:20 +0000)]
Factor out copying and counting of zero-terminated enctype lists into
a new file src/lib/krb5/krb/etype_list.c.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23565 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoUpdate copyright year in prototype sources
Greg Hudson [Fri, 1 Jan 2010 22:34:29 +0000 (22:34 +0000)]
Update copyright year in prototype sources

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23564 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoChange db_args from being a global to only defined in the function
Ezra Peisach [Fri, 1 Jan 2010 16:41:04 +0000 (16:41 +0000)]
Change db_args from being a global to only defined in the function
that uses it. This removes a warning of shadowed variable names.  Change
several functions to static when limited to main.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23563 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoAdd gcc printf attribute for kdc_err prototype
Ezra Peisach [Fri, 1 Jan 2010 13:00:08 +0000 (13:00 +0000)]
Add gcc printf attribute for kdc_err prototype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23562 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoUnsigned/signed cleanup
Ezra Peisach [Fri, 1 Jan 2010 12:58:42 +0000 (12:58 +0000)]
Unsigned/signed cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23561 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoAdd a new -P option to krb5kdc and kadmind which, if given, specifies
Russ Allbery [Fri, 1 Jan 2010 05:09:57 +0000 (05:09 +0000)]
Add a new -P option to krb5kdc and kadmind which, if given, specifies
the path to which to write the PID file of the daemon after it finishes
initializing.

Ticket: 6618

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23560 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoFree tinfo at end - so program runs with new memory leaks
Ezra Peisach [Thu, 31 Dec 2009 23:18:16 +0000 (23:18 +0000)]
Free tinfo at end - so program runs with new memory leaks

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23559 dc483132-0cff-0310-8789-dd5450dbe970

14 years agoRemove tests for functions that we do not conditionalize on. Most deprecated
Ezra Peisach [Thu, 31 Dec 2009 23:13:56 +0000 (23:13 +0000)]
Remove tests for functions that we do not conditionalize on.  Most deprecated
from breakoff of apps.

Specifically, do not test for:

gethostbyname2 getifaddrs pthread_mutex_lock sched_yield ftime strstr
timezone umask waitpid sem_init sem_trywait daemon

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23558 dc483132-0cff-0310-8789-dd5450dbe970