git.tremily.us Git - krb5.git/log

pull up r23672 from trunk

------------------------------------------------------------------------
r23672 | tlyu | 2010-01-26 13:43:29 -0500 (Tue, 26 Jan 2010) | 6 lines

ticket: 6599
target_version: 1.8
tags: pullup

Apply patch from Arlene Berry to plug a memory leak.

ticket: 6599
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23700 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23663 from trunk

------------------------------------------------------------------------
r23663 | ghudson | 2010-01-19 18:35:39 -0500 (Tue, 19 Jan 2010) | 9 lines

ticket: 6645
subject: Add krb5_allow_weak_crypto API
target_version: 1.8
tags: pullup

Add an API to allow apps to override the profile setting of
allow_weak_crypto, so that aklog can work with krb5 1.8 out of the box
until OpenAFS finishes migrating away from DES.

ticket: 6645
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23665 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23662 from trunk

------------------------------------------------------------------------
r23662 | ghudson | 2010-01-19 13:44:57 -0500 (Tue, 19 Jan 2010) | 3 lines

ticket: 6644
subject: Change basename of libkadm5 libraries to avoid Heimdal conflict

ticket: 6644
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23664 dc483132-0cff-0310-8789-dd5450dbe970

Add test program for decryption of overly short buffers

Pull up r23652 from trunk.

Test case for integer underflow in AES and RC4 decryption.
[MITKRB5-SA-2009-004, CVE-2009-4212] krb5-1.8 branch isn't vulnerable,
but include this test anyway.

------------------------------------------------------------------------
r23652 | ghudson | 2010-01-12 16:59:58 -0500 (Tue, 12 Jan 2010) | 2 lines

Add test program for decryption of overly short buffers.

ticket: 6642
target_version: 1.8
version_fixed: 1.8
tags: pullup
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23660 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23657 from trunk

------------------------------------------------------------------------
r23657 | ghudson | 2010-01-14 11:09:24 -0500 (Thu, 14 Jan 2010) | 9 lines

ticket: 6640
subject: Make history key exempt from permitted_enctypes
tags: pullup
target_version: 1.8

In kdb_init_hist, just use the first key entry in the kadmin/history
entry. This makes the history key work even if the enctype is
disallowed by allow_weak_crypto=false or other configuration.

ticket: 6640
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23659 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23607 from trunk

------------------------------------------------------------------------
r23607 | ghudson | 2010-01-07 15:57:02 -0500 (Thu, 07 Jan 2010) | 7 lines

ticket: 6546
status: open

When retrieving the kadmin/history key, accept any enctype, as the
current master key enctype may not match the one the KDB was created
with.

ticket: 6546
status: resolved
version_fixed: 1.8

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23658 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23628 from trunk

------------------------------------------------------------------------
r23628 | ghudson | 2010-01-11 20:05:37 -0500 (Mon, 11 Jan 2010) | 9 lines

ticket: 6632
subject: Simplify and fix FAST check for keyed checksum type
target_version: 1.8
tags: pullup

Use krb5_c_is_keyed_checksum to detect unkeyed checksums when handling
FAST requests. The old check was broken for 1.8 because
krb5_c_verify_checksum got pickier about invalid keyblocks.

ticket: 6632
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23649 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23629 from trunk

------------------------------------------------------------------------
r23629 | ghudson | 2010-01-11 20:07:48 -0500 (Mon, 11 Jan 2010) | 9 lines

ticket: 6633
subject: Use keyed checksum type for DES FAST
target_version: 1.7
tags: pullup

DES enctypes have unkeyed mandatory-to-implement checksums. Since
FAST requires a keyed checksum, we must pick something else in that
case.

ticket: 6633
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23648 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23622 from trunk

------------------------------------------------------------------------
r23622 | epeisach | 2010-01-09 11:02:13 -0500 (Sat, 09 Jan 2010) | 8 lines

subject: krb5int_pbkdf2_hmac_sha1 fails to set enctype on keyblock
ticket: 6630
tags: pullup

krb5int_pbkdf2_hmac_sha1 fails to set enctype on a termporary keyblock
- resulting in valgrind picking up on a conditional branch w/ unset
value. Initialize value.

ticket: 6630
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23627 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23608 from trunk

------------------------------------------------------------------------
r23608 | epeisach | 2010-01-07 20:51:19 -0500 (Thu, 07 Jan 2010) | 23 lines

subject: krb5int_derive_key results in cache with uninitialized values

krb5int_derive_key creates a temporary keyblock to add to the derived cache.
krb5_k_free_key will iterate over the derived keys and for ones with cache will
lookup the enctype for the key_cleanup handler.

Unfortunatly, there isn't a keyblock init function that does not allocate the
keyblock - as I suspect this problem will appear in other places.

The valgrind log of this problem is:

==7281== Conditional jump or move depends on uninitialised value(s)
==7281==    at 0x40E9AE8: find_enctype (etypes.h:81)
==7281==    by 0x40E9C96: krb5_k_free_key (key.c:91)
==7281==    by 0x40E9C52: krb5_k_free_key (key.c:86)
==7281==    by 0x40EBB00: krb5_c_prf (prf.c:87)
==7281==    by 0x40E7B1B: prf_plus (cf2.c:77)
==7281==    by 0x40E7CE6: krb5_c_fx_cf2_simple (cf2.c:125)
==7281==    by 0x804899C: main (t_cf2.c:70)
==7281==

with memory leaks.

ticket: 6629
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23626 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23612 from trunk

------------------------------------------------------------------------
r23612 | epeisach | 2010-01-08 09:54:04 -0500 (Fri, 08 Jan 2010) | 7 lines

ticket: 6628
subject: krb5int_dk_string_to_key fails to set enctype
tags: pullup

Failure to set the enctype before invoking krb5_k_create_key results in
potential memory leak.

ticket: 6628
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23621 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23611 from trunk

------------------------------------------------------------------------
r23611 | epeisach | 2010-01-07 22:43:37 -0500 (Thu, 07 Jan 2010) | 7 lines

subject: Set enctype in crypto_tests to prevent memory leaks
ticket: 6627
tags: pullup

The key caching is causing memory leaks if enctype is not set as the
enctype specific cleanup handlers are not called.

ticket: 6627
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23620 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23610 from trunk

------------------------------------------------------------------------
r23610 | ghudson | 2010-01-07 21:43:21 -0500 (Thu, 07 Jan 2010) | 10 lines

ticket: 6626
subject: Restore interoperability with 1.6 addprinc -randkey
tags: pullup
target_version: 1.8

The arcfour string-to-key operation in krb5 1.7 (or later) disagrees
with the dummy password used by the addprinc -randkey operation in
krb5 1.6's kadmin client, because it's not valid UTF-8. Recognize the
1.6 dummy password and use a random password instead.

ticket: 6626
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23619 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23609 from trunk

------------------------------------------------------------------------
r23609 | epeisach | 2010-01-07 21:12:24 -0500 (Thu, 07 Jan 2010) | 23 lines

subject: yarrow code does not initialize keyblock enctype and uses unitialized value
ticket: 6625
tags: pullup

The yarrow code uses a keyblock that is partially initialized. This results
in krb5_k_free_key trying to look up the enctype to call the free handler.

One of the valgrind reports: (there are several paths)

==26701== Conditional jump or move depends on uninitialised value(s)
==26701==    at 0x40E9AF0: find_enctype (etypes.h:81)
==26701==    by 0x40E9C9E: krb5_k_free_key (key.c:91)
==26701==    by 0x40D641A: krb5int_yarrow_cipher_init (ycipher.c:49)
==26701==    by 0x40D593A: yarrow_gate_locked (yarrow.c:578)
==26701==    by 0x40D5349: krb5int_yarrow_output_Block (yarrow.c:423)
==26701==    by 0x40D581B: yarrow_output_locked (yarrow.c:553)
==26701==    by 0x40D5667: krb5int_yarrow_output (yarrow.c:513)
==26701==    by 0x40EBD2D: krb5_c_random_make_octets (prng.c:112)
==26701==    by 0x40D4119: krb5int_old_encrypt (old_aead.c:97)
==26701==    by 0x40E9696: krb5_k_encrypt_iov (encrypt_iov.c:42)
==26701==    by 0x8049554: main (t_encrypt.c:206)
==26701==

ticket: 6625
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23618 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23602, r23604, r23605 from trunk

------------------------------------------------------------------------
r23605 | hartmans | 2010-01-07 13:35:15 -0500 (Thu, 07 Jan 2010) | 4 lines

ticket: 6624

Revert change to Makefile.in that ended up not being needed

------------------------------------------------------------------------
r23604 | hartmans | 2010-01-07 13:32:20 -0500 (Thu, 07 Jan 2010) | 10 lines

Subject: automated tests for anonymous pkinit
ticket: 6624
target_version: 1.8
tags: pullup

Implement tests for anonymous pkinit. A certificate and private key
are checked in; these tests will stop working in 2023.

Note that r23602 needs to be pulled up before this ticket.

------------------------------------------------------------------------
r23602 | ghudson | 2010-01-07 12:26:58 -0500 (Thu, 07 Jan 2010) | 4 lines

Make preauth_module_dir override, rather than supplement, the
built-in path list, to avoid problems with running the same preauth
module twice.

ticket: 6624
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23617 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23603 from trunk

------------------------------------------------------------------------
r23603 | hartmans | 2010-01-07 13:32:15 -0500 (Thu, 07 Jan 2010) | 7 lines

subject: Always treat anonymous as preauth required
ticket: 6623
target_version: 1.8
tags: pullup

Always treat the WELLKNOWN/ANONYMOUS principal as requiring pre-authentication. The anonymous draft depends on a pre-auth exchange to invoke pkinit.

ticket: 6623
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23616 dc483132-0cff-0310-8789-dd5450dbe970

pull up r23597, r23599 from trunk

------------------------------------------------------------------------
r23599 | ghudson | 2010-01-06 18:44:04 -0500 (Wed, 06 Jan 2010) | 4 lines

Make krb5_dbe_def_search_enctype more consistent about when it returns
KRB5_KDB_NO_PERMITTED_KEY. Now it will return that error if it sees
any non-permitted enctypes which match the search criteria.

------------------------------------------------------------------------
r23597 | ghudson | 2010-01-06 18:14:14 -0500 (Wed, 06 Jan 2010) | 8 lines

ticket: 6622
target_version: 1.8
tags: pullup

Don't return KRB5_KDB_NO_PERMITTED_KEY from
krb5_dbe_def_search_enctype if we previously returned results (i.e. if
*start > 0).

ticket: 6622
version_fixed: 1.8
status: resolved

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23615 dc483132-0cff-0310-8789-dd5450dbe970

krb5-1.8-alpha1-postrelease

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23596 dc483132-0cff-0310-8789-dd5450dbe970

README, patchlevel, etc. for krb5-1.8-alpha1

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23594 dc483132-0cff-0310-8789-dd5450dbe970

branch for krb5-1.8

git-svn-id: svn://anonsvn.mit.edu/krb5/branches/krb5-1-8@23588 dc483132-0cff-0310-8789-dd5450dbe970

README, copyright, patchlevel for krb5-1.8 branch

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23587 dc483132-0cff-0310-8789-dd5450dbe970

disable weak crypto by default

Set allow_weak_crypto=false by default. Set default master key
enctype to sha256. Adjust test suite to compensate.

ticket: 6621

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23586 dc483132-0cff-0310-8789-dd5450dbe970

Install encrypted_challenge plugin during fake-install

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23585 dc483132-0cff-0310-8789-dd5450dbe970

Add preauth_module_dir support to the KDC preauth module loader
(should have been part of r23531). Most or all of this logic should
be moved into the plugin code or a layer above it, after the branch.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23584 dc483132-0cff-0310-8789-dd5450dbe970

Anonymous documentation

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23583 dc483132-0cff-0310-8789-dd5450dbe970

Other changes in this ticket guarantee that the padata argument to
return callbacks is non-null; don't check for null in pkinit_srv.c.

ticket: 6607

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23582 dc483132-0cff-0310-8789-dd5450dbe970

Bring back krb5_kt_free_entry which really does the same thing as
krb5_free_keytab_entry_contents per discussion on krbdev in order to
avoid breaking samba builds.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23581 dc483132-0cff-0310-8789-dd5450dbe970

Test FAST authentication during each pass

Because a new principal is added to the database, the iprop test
expected output is updated.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23580 dc483132-0cff-0310-8789-dd5450dbe970

Fix documentation of armor cache based on fast negotiation project

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23579 dc483132-0cff-0310-8789-dd5450dbe970

kdc_supported_enctypes does nothing; eradicate mentions thereof

kdc_supported_enctypes does nothing. Remove all mention of it from
documentation and test suites.

ticket: 6620

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23578 dc483132-0cff-0310-8789-dd5450dbe970

Don't accept AS replies encrypted in enctypes other than the ones we
asked for.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23577 dc483132-0cff-0310-8789-dd5450dbe970

For the better code modularity keep some "free" routines closer to the resource allocators. Also, reindent cleanup in the touched files

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23576 dc483132-0cff-0310-8789-dd5450dbe970

Update dependencies

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23575 dc483132-0cff-0310-8789-dd5450dbe970

Enable caching of key-derived context info such as key schedules from
one encryption operation to another. Use a new function in the
enc_provider structure for cleanup. Implement caching of aes_ctx
values.

Using Greg's performance tests from the derived-key caching work, on a
2.8GHz Xeon, I see 1 million AES-128 encryptions of 16 bytes improved
by 5-6%; encryptions of 1024 bytes and checksums are not significantly
affected.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23574 dc483132-0cff-0310-8789-dd5450dbe970

Fix a case where krb5int_aes_decrypt was trying to encrypt a block
instead of decrypting it.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23573 dc483132-0cff-0310-8789-dd5450dbe970

krb5_gss_acquire_cred will deref garbage pointer if actual_mechs is NULL

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23572 dc483132-0cff-0310-8789-dd5450dbe970

Initialize variables in case of error path winds up freeing stack garbage

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23571 dc483132-0cff-0310-8789-dd5450dbe970

Ignore some routing messages indicating changes that don't affect our
set of local addresses.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23570 dc483132-0cff-0310-8789-dd5450dbe970

Remove old 'full' arg to KDC that should've gone away with '-4'

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23569 dc483132-0cff-0310-8789-dd5450dbe970

Some unsigned/signed warning cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23568 dc483132-0cff-0310-8789-dd5450dbe970

Use krb5int_count_etypes in rd_req_decoded_opt

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23567 dc483132-0cff-0310-8789-dd5450dbe970

Test -P options to kdc and kadmind to write out a pid file. Verify contents of
pid file match pid of executable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23566 dc483132-0cff-0310-8789-dd5450dbe970

Factor out copying and counting of zero-terminated enctype lists into
a new file src/lib/krb5/krb/etype_list.c.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23565 dc483132-0cff-0310-8789-dd5450dbe970

Update copyright year in prototype sources

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23564 dc483132-0cff-0310-8789-dd5450dbe970

Change db_args from being a global to only defined in the function
that uses it. This removes a warning of shadowed variable names. Change
several functions to static when limited to main.c

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23563 dc483132-0cff-0310-8789-dd5450dbe970

Add gcc printf attribute for kdc_err prototype

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23562 dc483132-0cff-0310-8789-dd5450dbe970

Unsigned/signed cleanup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23561 dc483132-0cff-0310-8789-dd5450dbe970

Add a new -P option to krb5kdc and kadmind which, if given, specifies
the path to which to write the PID file of the daemon after it finishes
initializing.

Ticket: 6618

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23560 dc483132-0cff-0310-8789-dd5450dbe970

Free tinfo at end - so program runs with new memory leaks

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23559 dc483132-0cff-0310-8789-dd5450dbe970

Remove tests for functions that we do not conditionalize on. Most deprecated
from breakoff of apps.

Specifically, do not test for:

gethostbyname2 getifaddrs pthread_mutex_lock sched_yield ftime strstr
timezone umask waitpid sem_init sem_trywait daemon

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23558 dc483132-0cff-0310-8789-dd5450dbe970

Declare function as static to avoid compiler warning on missing prototypes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23557 dc483132-0cff-0310-8789-dd5450dbe970

Remove $(TOBJS) for make clean

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23556 dc483132-0cff-0310-8789-dd5450dbe970

Use krb5_free_default_realm instead of free on the results of
krb5_get_default_realm().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23555 dc483132-0cff-0310-8789-dd5450dbe970

Fix spelling and hyphen errors in man pages

Fix spelling errors in man pages detected by Debian's Lintian program.
Also escape some -'s that are intended to be literal ASCII dashes and
not Unicode hyphens so that groff won't change them into true hyphens.

ticket: 6616
component: krb5-doc

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23554 dc483132-0cff-0310-8789-dd5450dbe970

NetBSD 5.0.1 uses an OpenSSL snapshot that describes itself as 0.9.9,
and has the EVP_PKEY_decrypt API change that was already being worked
around for OpenSSL 1.0.0. Work around it for 0.9.9 too.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23553 dc483132-0cff-0310-8789-dd5450dbe970

format %p wants void*

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23552 dc483132-0cff-0310-8789-dd5450dbe970

Initialize hash_iov, in case of premature error exit

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23551 dc483132-0cff-0310-8789-dd5450dbe970

Convert C++ style comments into traditional C comments

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23550 dc483132-0cff-0310-8789-dd5450dbe970

No comma at end of enumerator list

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23549 dc483132-0cff-0310-8789-dd5450dbe970

No comma at end of enumerator list

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23548 dc483132-0cff-0310-8789-dd5450dbe970

Include os-proto.h for _krb5_conf_boolean prototype before declaration
of function. (gcc warning)

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23547 dc483132-0cff-0310-8789-dd5450dbe970

Move krb5int_get_domain_realm_mapping into kdc_util.c as this function is a helper in kdc code

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23546 dc483132-0cff-0310-8789-dd5450dbe970

Eliminate the krb5_set_default_in_tkt_ktypes and
krb5_set_default_tgs_ktypes during context initialization, as they
weren't doing anything.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23545 dc483132-0cff-0310-8789-dd5450dbe970

Create a separate file for krb5_copy_context for better code modularity

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23538 dc483132-0cff-0310-8789-dd5450dbe970

Combine the related code into one file

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23537 dc483132-0cff-0310-8789-dd5450dbe970

Remove an inoperable error check in return_pkinit_kx

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23536 dc483132-0cff-0310-8789-dd5450dbe970

Functions in enc_helper.c serve different code blocks. Split them

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23535 dc483132-0cff-0310-8789-dd5450dbe970

MITKRB5-SA-2009-003 CVE-2009-3295 KDC null deref in referrals

On certain error conditions, prep_reprocess_req() calls kdc_err() with
a null pointer as the format string, causing a null dereference and
denial of service. Legitimate protocol requests can trigger this
problem.

ticket: 6608
tags: pullup
target_version: 1.7.1

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23533 dc483132-0cff-0310-8789-dd5450dbe970

Add dejagnu test suite support for finding the preauth modules in the
fake install. Not yet tested, except to verify that it doesn't break
the existing test suite.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23532 dc483132-0cff-0310-8789-dd5450dbe970

Add a new profile variable preauth_module_dir, which specifies
directories to look for preauth plugins in prior to the hardcoded
locations. Undocumented for now since, like db_module_dir, this is
mostly intended for the test suite.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23531 dc483132-0cff-0310-8789-dd5450dbe970

Move krb5_get_profile back to init_os_ctx.c for now and revert r23519.
At this time we link t_etypes against init_ctx.so during "make check",
which breaks if init_ctx contains reference to the profile library.
More general solutions to this problem are under discussion.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23530 dc483132-0cff-0310-8789-dd5450dbe970

Whitespace fixes for new anonymous support

ticket: 6607

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23528 dc483132-0cff-0310-8789-dd5450dbe970

Anonymous support for Kerberos

This ticket implements Project/Anonymous pkinit from k5wiki. Provides
support for completely anonymous principals and untested client
support for realm-exposed anonymous authentication.

* Introduce kinit -n
* Introduce kadmin -n
* krb5_get_init_creds_opt_set_out_ccache aliases the supplied ccache
* No longer generate ad-initial-verified-cas in pkinit
* Fix pkinit interactions with non-TGT authentication

Merge remote branch 'anonymous' into trunk

Conflicts:
src/lib/krb5/krb/gic_opt.c

ticket: 6607
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23527 dc483132-0cff-0310-8789-dd5450dbe970

Remove libpty references

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23525 dc483132-0cff-0310-8789-dd5450dbe970

The "comment" field of prf_data_t was never actually set nor used, so
delete it and all references.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23524 dc483132-0cff-0310-8789-dd5450dbe970

Performance testing programs for krb5_init_context and profile data fetch

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23523 dc483132-0cff-0310-8789-dd5450dbe970

Fixing minorly grammatical bad

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23522 dc483132-0cff-0310-8789-dd5450dbe970

Note last real update was a while back; delete listings of libraries no longer in tree

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23521 dc483132-0cff-0310-8789-dd5450dbe970

allow testing when offline

Define new make variable OFFLINE to "no"; if it's set to "yes", skip
the testing of t_locate_kdc, which requires access to mit.edu SRV
records.

ticket: 6606

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23520 dc483132-0cff-0310-8789-dd5450dbe970

Include prof_int.h in init_ctx.c instead of init_os_ctx.c,
corresponding to the moved use of profile_copy in r23484.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23519 dc483132-0cff-0310-8789-dd5450dbe970

Code modularity related updates

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23484 dc483132-0cff-0310-8789-dd5450dbe970

Remove krb5_ prefix from some static func names

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23483 dc483132-0cff-0310-8789-dd5450dbe970

Add a set_cred_option handler for SPNEGO which forwards to the
underlying mechanism. Fixes SPNEGO credential delegation in 1.7 and
copying of SPNEGO initiator creds in both 1.7 and trunk. Patch
provided by nalin@redhat.com.

ticket: 6594
target_version: 1.7.1
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23482 dc483132-0cff-0310-8789-dd5450dbe970

Fix a cleanup handler in the store_creds code; krb5_cc_close doesn't
handle NULL arguments, so we have to check.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23480 dc483132-0cff-0310-8789-dd5450dbe970

Add GSS extensions to store credentials, generate random bits

Merge /users/lhoward/gssextras-no-cqa to trunk. Adds
gss_pseudo_random and gss_store_cred.

ticket: 6597

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23479 dc483132-0cff-0310-8789-dd5450dbe970

Whitespace fixes

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23477 dc483132-0cff-0310-8789-dd5450dbe970

On Luke's advice, remove krb5_init_creds_store_creds. It is not a
Heimdal API and its functionality is covered by
krb5_get_init_creds_opt_set_out_ccache.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23469 dc483132-0cff-0310-8789-dd5450dbe970

Get rid of the requirement of defining MAX_ENCTYPE in
krb5int_parse_enctype_list, at the cost of making repeated realloc()
calls during parsing.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23468 dc483132-0cff-0310-8789-dd5450dbe970

Formatining enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23467 dc483132-0cff-0310-8789-dd5450dbe970

fast negotiation projec

Merge branches/fast-negotiate into trunk.
This implements http://k5wiki.kerberos.org/wiki/Projects/Fast_negotiation

Additional changes:
* krb5_c_make_checksum with checksum type 0 uses mandatory checksum for given key enctype

Conflicts:
src/lib/crypto/krb/make_checksum.c

ticket: 6595
Tags: enhancement

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23465 dc483132-0cff-0310-8789-dd5450dbe970

Don't use sizeof(pointertype) to get the length of an allocated array

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23464 dc483132-0cff-0310-8789-dd5450dbe970

Add comments to make it slightly clearer how
krb5int_confounder_checksum works.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23463 dc483132-0cff-0310-8789-dd5450dbe970

Restructure the crypto checksum implementation to minimize
dependencies on the internals of modules.

* Keyhash providers are gone.
* The cksumtypes table contains checksum and verify functions,
  similar to the etypes encrypt and decrypt functions.  New checksum
  functions parallel the old keyhash providers, and there are also
  functions for unkeyed and derived-key HMAC checksums.
* The flags field is now used to indicate whether a checksum is
  unkeyed, but not whether it is a derived-key HMAC checksum.
* The descbc checksum is handled through a new enc_provider function
  which calculates a CBC MAC.

The OpenSSL module does not implement the CBC MAC function (it didn't
implement descbc before).  builtin/des could probably get rid of
f_cksum.c (the old DES CBC routine) with some alterations to
string2key.c.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23462 dc483132-0cff-0310-8789-dd5450dbe970

Change file holder for krb5int_check_clockskew. Minor Style changes per code practices

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23460 dc483132-0cff-0310-8789-dd5450dbe970

Remove dependency on /bin/csh in test suite

The libdb2 test suite would fail if /bin/csh was not present.  The
tests did not execute /bin/csh - but used the contents as data to put
into the test database.  Iterate over a few "known" files until one is found
that could be used for it... Tests for /bin/csh, /bin/cat, /usr/bin/cat,
/bin/ls, /usr/bin/ls.  If none of these exist - then fail.

ticket: 6593

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23458 dc483132-0cff-0310-8789-dd5450dbe970

Mark and reindent lib/gssapi, with some exceptions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23457 dc483132-0cff-0310-8789-dd5450dbe970

Mark lib/apputils

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23456 dc483132-0cff-0310-8789-dd5450dbe970

Mark and reindent util, with some exceptions

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23455 dc483132-0cff-0310-8789-dd5450dbe970

handle negative enctypes better

krb5_dbe_def_search_enctype and krb5int_parse_enctype_list were making
assumptions that enctype numbers are positive. Potentially more code
makes this assumption, but these appear to be the major ones.

ticket: 6592
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23454 dc483132-0cff-0310-8789-dd5450dbe970

Initialize ihash_iov in case fall through to cleanup handler and try
to free garbarge.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23453 dc483132-0cff-0310-8789-dd5450dbe970