krb5.git
15 years agoCheck return value of ftell() in krb5_ktfileint_find_slot
Greg Hudson [Fri, 1 May 2009 20:11:01 +0000 (20:11 +0000)]
Check return value of ftell() in krb5_ktfileint_find_slot

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22301 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMove an error check to an earlier location in krb5_524_conv_principal
Greg Hudson [Fri, 1 May 2009 20:07:13 +0000 (20:07 +0000)]
Move an error check to an earlier location in krb5_524_conv_principal
to fix a memory leak.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22300 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake depend
Sam Hartman [Thu, 30 Apr 2009 20:48:36 +0000 (20:48 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22299 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement DES and 3DES PRF. Patch fromKAMADA Ken'ichi
Sam Hartman [Thu, 30 Apr 2009 20:17:42 +0000 (20:17 +0000)]
Implement DES and 3DES PRF. Patch fromKAMADA Ken'ichi

Currently the DES and 3DES PRF output 16-byte results.  This is
consistent with RFC 3961, but we need to confirm it is consistent with
Heimdal and WG decisions.  See IETF 74 minutes for some discussion of
the concern as it applies to AES and thus possibly all simplified
profile enctypes.

ticket: 5587
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22298 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_kt_resolve, ensure that the output parameter is set to NULL on
Greg Hudson [Thu, 30 Apr 2009 17:49:28 +0000 (17:49 +0000)]
In krb5_kt_resolve, ensure that the output parameter is set to NULL on
failure even if the underlying resolver doesn't do that properly.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22297 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn ktfile_common_resolve, set the output pointer to NULL on error, and
Greg Hudson [Thu, 30 Apr 2009 17:28:55 +0000 (17:28 +0000)]
In ktfile_common_resolve, set the output pointer to NULL on error, and
use a cleanup label instead of freeing the same resources in multiple
error handling blocks.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22296 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak by reorganizing krb5_ktf_keytab_internalize to use
Greg Hudson [Thu, 30 Apr 2009 17:16:20 +0000 (17:16 +0000)]
Fix a memory leak by reorganizing krb5_ktf_keytab_internalize to use
the recommended exception-handling flow control.  Eliminate the check
for ktdata being null after resolution because that's not possible.
Add a check for the resolved keytab being of a different type, since
that would result in data structure corruption.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22295 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUninitialized variable may cause unpredictable behavior in kdc_verify_preauth
Zhanna Tsitkov [Thu, 30 Apr 2009 16:27:08 +0000 (16:27 +0000)]
Uninitialized variable may cause unpredictable behavior in kdc_verify_preauth

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22294 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDocument ok_as_delegate in the admin guide
Greg Hudson [Thu, 30 Apr 2009 15:08:50 +0000 (15:08 +0000)]
Document ok_as_delegate in the admin guide

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22293 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDo not return PREAUTH_FAILED on unknown preauth
Sam Hartman [Thu, 30 Apr 2009 00:38:48 +0000 (00:38 +0000)]
Do not return PREAUTH_FAILED on unknown preauth

If the KDC receives unknown pre-authentication data then ignore it.
Do not get into a case where PREAUTH_FAILED is returned because of
unknown pre-authentication.  The main AS loop will cause
PREAUTH_REQUIRED to be returned if the preauth_required flag is set
and no valid preauth is found.

ticket: 6480
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22292 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd DEBUG_ERROR_LOCATIONS support
Greg Hudson [Wed, 29 Apr 2009 23:21:21 +0000 (23:21 +0000)]
Add DEBUG_ERROR_LOCATIONS support

If DEBUG_ERROR_LOCATIONS is defined, replace uses of
krb5_set_error_message and krb5int_set_error with calls to the new
_fl variants of those functions, and include filename and line number
information in the calls.  Requires C99-style variadic macros if
defined.

ticket: 6479

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22291 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix typo in error message reported by Marek Mahut (Red Hat)
Tom Yu [Wed, 29 Apr 2009 00:31:50 +0000 (00:31 +0000)]
Fix typo in error message reported by Marek Mahut (Red Hat)

ticket: 6472
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22290 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix handling of RET_SEQUENCE flag in mk_priv/mk_ncred
Greg Hudson [Tue, 28 Apr 2009 18:00:13 +0000 (18:00 +0000)]
Fix handling of RET_SEQUENCE flag in mk_priv/mk_ncred

Regularize the handling of KRB5_AUTH_CONTEXT_RET_SEQUENCE in
krb5_mk_safe, krb5_mk_priv, and krb5_mk_ncred, using krb5_mk_safe as
a baseline.  RET_SEQUENCE now implies DO_SEQUENCE for all three
functions, the sequence number is always incremented if it is used,
and outdata->seq is always set if RET_SEQUENCE is passed.

Note that in the corresponding rd_ functions, RET_SEQUENCE and
DO_SEQUENCE are independent flags, which is not consistent with the
above.  This compromise is intended to preserve compatibility with
any working code which might exist using the RET_SEQUENCE flag.

ticket: 6478

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22288 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix typo
Greg Hudson [Tue, 28 Apr 2009 17:54:13 +0000 (17:54 +0000)]
Fix typo

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22287 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a couple of memory leaks in krb5int_sendto, reworking the error
Greg Hudson [Tue, 28 Apr 2009 15:45:31 +0000 (15:45 +0000)]
Fix a couple of memory leaks in krb5int_sendto, reworking the error
handling a bit for cleanliness in the process.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22286 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in aname_replacer using the recommended flow control
Greg Hudson [Tue, 28 Apr 2009 04:46:10 +0000 (04:46 +0000)]
Fix a memory leak in aname_replacer using the recommended flow control
for exception handling.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22285 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a memory leak in module_locate_server
Greg Hudson [Tue, 28 Apr 2009 04:30:03 +0000 (04:30 +0000)]
Fix a memory leak in module_locate_server

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22284 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix a few memory leaks in krb5_mk_ncred. Also tighten up the error
Greg Hudson [Mon, 27 Apr 2009 23:48:22 +0000 (23:48 +0000)]
Fix a few memory leaks in krb5_mk_ncred.  Also tighten up the error
handling of the sequence number, only decreasing it if it was
increased.  The handling of DO_SEQUENCE and RET_SEQUENCE may still be
flawed in some cases.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22283 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix an unchecked use of fwrite in krb5_ktfileint_delete_entry
Greg Hudson [Mon, 27 Apr 2009 23:01:08 +0000 (23:01 +0000)]
Fix an unchecked use of fwrite in krb5_ktfileint_delete_entry

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22282 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMove KRB5_KDB_OK_AS_DELEGATE from kdb_ext.h to kdb.h. Add kadmin
Greg Hudson [Mon, 27 Apr 2009 15:42:23 +0000 (15:42 +0000)]
Move KRB5_KDB_OK_AS_DELEGATE from kdb_ext.h to kdb.h.  Add kadmin
support for the flag.  In the KDC, remove the restriction on returning
the flag on cross-realm TGTs since there is now a defined meaning for
that (it allows ok-as-delegate to be honored on the foreign realm's
service tickets).

ticket: 5596

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22281 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake installed headers C++-safe
Ken Raeburn [Sat, 25 Apr 2009 09:36:11 +0000 (09:36 +0000)]
make installed headers C++-safe

Now that we're installing the kadm5 headers, they should be C++-safe
like the others.  Wrap the content in 'extern "C"' if compiling as
C++.  New test program to verify.

ticket: 6477
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22280 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSimplify and shorten krb5_ktfileint_find_slot, and properly handle the
Greg Hudson [Fri, 24 Apr 2009 21:15:04 +0000 (21:15 +0000)]
Simplify and shorten krb5_ktfileint_find_slot, and properly handle the
commit_point output parameter.

ticket: 6475

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22279 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_ktfileint_find_slot, don't continue the loop when we find a
Greg Hudson [Fri, 24 Apr 2009 19:49:54 +0000 (19:49 +0000)]
In krb5_ktfileint_find_slot, don't continue the loop when we find a
final zero-length buffer.  This is a minimal fix intended to be pulled
up to the 1.7 branch; a code cleanup commit will follow.

ticket: 6475
status: open
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22278 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_principal_compare_flags, improve clarity slightly by using a
Greg Hudson [Thu, 23 Apr 2009 23:37:42 +0000 (23:37 +0000)]
In krb5_principal_compare_flags, improve clarity slightly by using a
boolean temporary instead of an ordering temporary in the loop over
the elements, since we only care about the boolean result.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22277 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_rcache_externalize, remove a pointless null check of a pointer
Greg Hudson [Thu, 23 Apr 2009 15:15:22 +0000 (15:15 +0000)]
In krb5_rcache_externalize, remove a pointless null check of a pointer
 we just dereferenced.
Rewrite krb5_rcache_internalize to use the recommended cleanup flow
 control, closing a memory leak in the process.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22276 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoClose a memory leak in asn1_decode_etype_info2_entry_1_3
Greg Hudson [Thu, 23 Apr 2009 14:55:42 +0000 (14:55 +0000)]
Close a memory leak in asn1_decode_etype_info2_entry_1_3

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22275 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_fcc_read, remove an assert which could never trigger (because
Greg Hudson [Thu, 23 Apr 2009 14:52:25 +0000 (14:52 +0000)]
In krb5_fcc_read, remove an assert which could never trigger (because
len is unsigned and cannot be less than zero).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22274 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix an error-handling block in sendto_kdc.c's setup_connection() which
Greg Hudson [Thu, 23 Apr 2009 14:50:06 +0000 (14:50 +0000)]
Fix an error-handling block in sendto_kdc.c's setup_connection() which
would always attempt to close -1.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22273 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_get_cred_via_tkt, strip the ok-as-delegate flag from
Greg Hudson [Thu, 23 Apr 2009 08:42:40 +0000 (08:42 +0000)]
In krb5_get_cred_via_tkt, strip the ok-as-delegate flag from
credentials obtained using a foreign TGT, unless the TGT also has
ok-as-delegate set.

ticket: 6473
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22272 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomove kadmin, ktutil, k5srvutil man pages to man1
Sam Hartman [Wed, 22 Apr 2009 13:30:00 +0000 (13:30 +0000)]
move kadmin, ktutil, k5srvutil man pages to man1

These binaries have been moved to /usr/bin so their manpages should
move from man8 to man1.

Ticket: 6474
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22267 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn the cross-realm setup example in the admin documentation, use
Greg Hudson [Wed, 22 Apr 2009 08:26:17 +0000 (08:26 +0000)]
In the cross-realm setup example in the admin documentation, use
"addprinc" instead of "add_princ" since the latter is not a recognized
alias for add_principal.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22266 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSend explicit salt for SALTTYPE_NORMAL keys
Greg Hudson [Thu, 16 Apr 2009 16:46:33 +0000 (16:46 +0000)]
Send explicit salt for SALTTYPE_NORMAL keys

Change the signature of _make_etype_info_entry to take the canonical
client principal instead of the request structure.  Also fixes the salt
we compute for SALTTYPE_NOREALM keys.

Sending an explicit salt for SALTTYPE_NORMAL keys is believed to be
necessary for some preauth scenarios involving aliases.

ticket: 6470
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22264 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRequire fast_req checksum to be keyed
Sam Hartman [Tue, 14 Apr 2009 15:35:12 +0000 (15:35 +0000)]
Require fast_req checksum to be keyed

Since the fast_req checksum is unencrypted, a keyed checksum type needs to be used.

ticket: 6461
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22210 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement kinit option for FAST armor ccache
Sam Hartman [Tue, 14 Apr 2009 15:05:21 +0000 (15:05 +0000)]
Implement kinit option for FAST armor ccache

Implement the -T option to kinit to specify the FAST armor ccache.

ticket: 6460
Target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22209 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUpdate kdb5_util man page with missing purge_mkeys command
Will Fiveash [Mon, 13 Apr 2009 22:15:05 +0000 (22:15 +0000)]
Update kdb5_util man page with missing purge_mkeys command

While previously updating the kdb5_util command man page to include
documentation on new subcommands added as a result of the Master Key
Migration project I missed the purge_mkeys command.  I've added that
with this commit.

Ticket: 6459
Version_Reported: 1.7
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22208 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb5_fcc_generate_new was destroying a locked mutex in the err_out
Greg Hudson [Mon, 13 Apr 2009 19:29:14 +0000 (19:29 +0000)]
krb5_fcc_generate_new was destroying a locked mutex in the err_out
label, which is used for I/O failures.  Unlock the mutex first.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22200 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn pa_sam, remove a gratuitous null check for etype which was
Greg Hudson [Mon, 13 Apr 2009 18:43:29 +0000 (18:43 +0000)]
In pa_sam, remove a gratuitous null check for etype which was
immediately followed by dereferencing etype.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22199 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake krb5_mkt_resolve error handling work
Greg Hudson [Mon, 13 Apr 2009 18:36:42 +0000 (18:36 +0000)]
Make krb5_mkt_resolve error handling work

Very little is likely to go wrong inside krb5_mkt_resolve (it just
allocates memory and plays with mutexes), but if anything did, the
handling was almost always wrong.  Reorganize the function to handle
errors properly, using a helper create_list_node function to simplify
the task.

ticket: 6454

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22198 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5int_dns_init, fix a malloc-returning-null check which could let
Greg Hudson [Mon, 13 Apr 2009 17:16:35 +0000 (17:16 +0000)]
In krb5int_dns_init, fix a malloc-returning-null check which could let
a null result slip past.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22197 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMore dead code elimination. When asprintf was used the varaible namelen was
Ezra Peisach [Sun, 12 Apr 2009 15:40:41 +0000 (15:40 +0000)]
More dead code elimination.  When asprintf was used the varaible namelen was
no longer necessary.

ticket: 6453
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22196 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoremove dead code
Ezra Peisach [Sun, 12 Apr 2009 14:59:08 +0000 (14:59 +0000)]
remove dead code

Remove some more dead code assignment - where the variable is
immediately assigned in the next statement - or not used at all.

ticket: 6453

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22195 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove dead assignment of variables that are never used
Ezra Peisach [Sun, 12 Apr 2009 14:09:29 +0000 (14:09 +0000)]
Remove dead assignment of variables that are never used

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22194 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoIn krb5_get_in_tkt, r7002 introduced an unused local variable
Greg Hudson [Fri, 10 Apr 2009 21:17:03 +0000 (21:17 +0000)]
In krb5_get_in_tkt, r7002 introduced an unused local variable
"padata".  It was accidentally used in r18641 instead of
preauth_to_use when sorting the received padata sequence, causing the
sort to be a no-op.  Sort the correct sequence and eliminate the
unused local variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22193 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSimplify the coupling of problem to response code in recvauth_common,
Greg Hudson [Fri, 10 Apr 2009 20:17:38 +0000 (20:17 +0000)]
Simplify the coupling of problem to response code in recvauth_common,
eliminating a big switch statement with a dead-code default block.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22192 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRemove an unnecessary cleanup in krb5_cc_set_default_name
Greg Hudson [Fri, 10 Apr 2009 19:54:35 +0000 (19:54 +0000)]
Remove an unnecessary cleanup in krb5_cc_set_default_name

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22191 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCheck the return value of krb5_timeofday in krb5int_populate_gic_opt.
Greg Hudson [Fri, 10 Apr 2009 19:51:53 +0000 (19:51 +0000)]
Check the return value of krb5_timeofday in krb5int_populate_gic_opt.
Also initialize krb5int_populate_gic_opt's output variable.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22190 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCheck return value of krb5int_copy_data_contents in preauth2.c's
Greg Hudson [Fri, 10 Apr 2009 19:50:55 +0000 (19:50 +0000)]
Check return value of krb5int_copy_data_contents in preauth2.c's
pa_salt.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22189 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDocument allow_weak_crypto
Greg Hudson [Fri, 10 Apr 2009 16:09:19 +0000 (16:09 +0000)]
Document allow_weak_crypto

Also document which cryptosystems are defined to be weak, and add some
enctype entries which weren't in the documentation.

ticket: 6452
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22188 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUpdate defaults in documentation
Greg Hudson [Thu, 9 Apr 2009 17:57:03 +0000 (17:57 +0000)]
Update defaults in documentation

doc/definitions.texinfo had, predictably, fallen out of date with
respect to the code.  Update a few of the out of date comments and
defaults, particularly the default enctype lists.

ticket: 6451
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22187 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokdc: handle_referral_params does not return ENOMEM errors
Ezra Peisach [Thu, 9 Apr 2009 11:53:27 +0000 (11:53 +0000)]
kdc: handle_referral_params does not return ENOMEM errors

retval was set but never returned.

ticket: 6450
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22186 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUsing a patch from Apple, add support for GSS_C_DELEG_POLICY_FLAG,
Greg Hudson [Wed, 8 Apr 2009 16:39:33 +0000 (16:39 +0000)]
Using a patch from Apple, add support for GSS_C_DELEG_POLICY_FLAG,
which requests delegation only if the ok-as-delegate ticket flag is
set.

ticket: 6203
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22185 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomk_safe and mk_priv require the local address to be set in the auth
Greg Hudson [Wed, 8 Apr 2009 15:58:24 +0000 (15:58 +0000)]
mk_safe and mk_priv require the local address to be set in the auth
context; rd_safe and rd_priv require the remote address to be set.
Create error codes for both kinds of missing addresses and stop trying
futilely to handle the cases where they are not set.

ticket: 1165

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22184 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFall through on error return
Ezra Peisach [Wed, 8 Apr 2009 15:25:43 +0000 (15:25 +0000)]
Fall through on error return

If decoding the encoded_req_body fails, proceed goto errout instead of falling
through to fast handling.

Looks like a merge error.

Reindented code.

ticket: 6449

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22183 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoWhen getting initial credentials with a password, try the master if
Greg Hudson [Wed, 8 Apr 2009 15:22:17 +0000 (15:22 +0000)]
When getting initial credentials with a password, try the master if
preauth fails on a slave, since preauth can fail due to an out-of-date
key.  This removes a snippet added in r14939 which was considering
only hardware preauth.

ticket: 6108
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22182 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSubject k5_utf8s_to_ucs2s could deref NULL pointer..
Ezra Peisach [Tue, 7 Apr 2009 23:59:25 +0000 (23:59 +0000)]
Subject k5_utf8s_to_ucs2s could deref NULL pointer..

Based on usage of this static function, this will never happen as
results are always malloced (and checked) by caller.  However, the
function is already coded to handle the first argument being null - so
be consistent throughout.

ticket:

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22177 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCVE-2009-0846 asn1_decode_generaltime can free uninitialized pointer
Tom Yu [Tue, 7 Apr 2009 21:22:23 +0000 (21:22 +0000)]
CVE-2009-0846 asn1_decode_generaltime can free uninitialized pointer

The asn1_decode_generaltime() function can free an uninitialized
pointer if asn1buf_remove_charstring() fails.

ticket: 6445
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22176 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCVE-2009-0847 asn1buf_imbed incorrect length validation
Tom Yu [Tue, 7 Apr 2009 21:22:20 +0000 (21:22 +0000)]
CVE-2009-0847 asn1buf_imbed incorrect length validation

asn1buf_imbed() can perform pointer arithmetic that causes the "bound"
pointer of the subbuffer to be less than the "next" pointer.  This can
lead to malloc() failure or crash.

In asn1buf_imbed(), check the length before doing arithmetic to set
subbuf->bound.  In asn1buf_remove_octetstring() and
asn1buf_remove_charstring(), check for invalid buffer pointers before
executing an unsigned length check against a (casted to size_t)
negative number.

ticket: 6444
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22175 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCVE-2009-0844 SPNEGO can read beyond buffer end
Tom Yu [Tue, 7 Apr 2009 21:22:17 +0000 (21:22 +0000)]
CVE-2009-0844 SPNEGO can read beyond buffer end

SPNEGO can read beyond the end of a buffer if the claimed DER length
exceeds the number of bytes in the input buffer. This can lead to
crash or information disclosure.

Thanks to Apple for reporting this vulnerability and providing
patches.

ticket: 6443
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22174 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoApply revised patch from Apple that ensures that a REJECT token is
Tom Yu [Tue, 7 Apr 2009 21:22:13 +0000 (21:22 +0000)]
Apply revised patch from Apple that ensures that a REJECT token is
sent on error.

ticket: 6417

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22173 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoNull pointer defref in adding info
Ezra Peisach [Tue, 7 Apr 2009 17:57:56 +0000 (17:57 +0000)]
Null pointer defref in adding info

Clearly the code is broken - and we either never use it - or callers never pass
NULL...

Detected by clang static checker.

ticket: 6442

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22172 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement KDC side of TGS FAST
Sam Hartman [Sun, 5 Apr 2009 21:11:26 +0000 (21:11 +0000)]
Implement KDC side of TGS FAST

Most of the KDC side of TGS FAST was already present.  This adds
correct generation of the reply key.

ticket: 6439
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22171 dc483132-0cff-0310-8789-dd5450dbe970

15 years agofix logic errors
Sam Hartman [Sat, 4 Apr 2009 03:03:04 +0000 (03:03 +0000)]
fix logic errors

ticket: 6436

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22170 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdjust the logic in rule_an_to_ln to avoid a "can't happen" case of
Greg Hudson [Fri, 3 Apr 2009 18:14:40 +0000 (18:14 +0000)]
Adjust the logic in rule_an_to_ln to avoid a "can't happen" case of
strchr returning null when searching for a character we know is there.
Also properly return ENOMEM if we fail to allocate selstring.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22169 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoHandle authdata encrypted in subkey
Sam Hartman [Fri, 3 Apr 2009 05:36:25 +0000 (05:36 +0000)]
Handle authdata encrypted in subkey

RFC 4120 requires that if a subkey is present in the TGS request that
authorization data be encrypted in the subkey.  Our KDC did not handle
this correctly.

ticket: 6438
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22168 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMerge fast branch at 22166 onto trunk
Sam Hartman [Fri, 3 Apr 2009 04:03:45 +0000 (04:03 +0000)]
Merge fast branch at 22166 onto trunk

ticket: 6436

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22167 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUnfortunately, pre-1.7 krshd fails to support keyed checksums because
Sam Hartman [Fri, 3 Apr 2009 03:33:01 +0000 (03:33 +0000)]
Unfortunately, pre-1.7 krshd fails to support keyed checksums because
it uses the wrong API and wrong key usage.  So, if the auth_context
has an explicit checksum type set, then respect that.  kcmd sets such
a checksum type.  Also, because other applications may have the same
problem, allow the config file variable if set to override the default
checksum.

* kcmd.c: Force use of rsa_md5
* init_ctx.c: do not default  to md5
* mk_req_ext.c: allow auth_context to override

ticket: 1624

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22160 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix krshd and krlogind to use krb5_c_verify_checksum
Tom Yu [Thu, 2 Apr 2009 23:30:28 +0000 (23:30 +0000)]
Fix krshd and krlogind to use krb5_c_verify_checksum

ticket: 1624

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22159 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUse the preferred checksum for non-DES keys in the kdc_req path and
Sam Hartman [Wed, 1 Apr 2009 18:25:02 +0000 (18:25 +0000)]
Use the preferred checksum for non-DES keys in the kdc_req path and
all the time in the ap_req checksum path.  This breaks code to support
DCE versions prior to 1.1 but uses the correct checksum for protocol
compatibility.

ticket: 1624
Target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22154 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake FAST changes build when pkinit is disabled
Tom Yu [Tue, 31 Mar 2009 23:51:48 +0000 (23:51 +0000)]
Make FAST changes build when pkinit is disabled

ticket: 6436

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22153 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomark export grade RC4 as weak
Sam Hartman [Tue, 31 Mar 2009 22:36:03 +0000 (22:36 +0000)]
mark export grade RC4 as weak

Set the weak enctype flag on the 40-bit RC4.

ticket: 6437
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22152 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoInitialize request state in the TGS path
Sam Hartman [Tue, 31 Mar 2009 22:35:59 +0000 (22:35 +0000)]
Initialize request state in the TGS path

ticket: 6436

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22151 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake depend
Sam Hartman [Tue, 31 Mar 2009 17:12:44 +0000 (17:12 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22150 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement FAST from draft-ietf-krb-wg-preauth-framework
Sam Hartman [Tue, 31 Mar 2009 17:00:41 +0000 (17:00 +0000)]
Implement FAST from draft-ietf-krb-wg-preauth-framework

Merge fast branch at 22146 onto trunk

Implement the kerberos pre-authentication framework FAST feature per
Projects/FAST on the wiki.

ticket: 6436
Target_Version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22149 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoin send_tgs.c:
Sam Hartman [Tue, 31 Mar 2009 16:50:25 +0000 (16:50 +0000)]
in send_tgs.c:
Encrypt using local_subkey not *subkey

ticket: 6393

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22148 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd PAC and principal parsing test cases
Greg Hudson [Mon, 30 Mar 2009 02:43:51 +0000 (02:43 +0000)]
Add PAC and principal parsing test cases

From Heimdal, ported by Luke, further modified by me.

ticket: 6435

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22147 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUpdate kdb5_util man page for mkey migration project
Will Fiveash [Wed, 25 Mar 2009 21:12:58 +0000 (21:12 +0000)]
Update kdb5_util man page for mkey migration project

Updated the kdb5_util command man page to include documentation on new
subcommands added as a result of the Master Key Migration project.

Ticket: 6432
Version_Reported: 1.7
Target_Version: 1.7
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22114 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoRevert r21880 which included k5-int.h in several pkinit source files.
Greg Hudson [Tue, 24 Mar 2009 17:24:31 +0000 (17:24 +0000)]
Revert r21880 which included k5-int.h in several pkinit source files.
Instead, move the pkinit-specific KRB5_CONF macros to pkinit.h, and
add duplicate definitions of the non-pkinit-specific macros used by
the pkinit code.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22113 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoInstall kadmin and kdb headers
Greg Hudson [Fri, 20 Mar 2009 18:09:19 +0000 (18:09 +0000)]
Install kadmin and kdb headers

Add disclaimers to the kadmin and kdb headers about the weaker
stability commitments we make for their APIs, and install them for the
benefit of users who can tolerate such instability.  (The kadmin
interface is the real goal here, but the kadmin header includes kdb.h
so we need to install both.)

ticket: 6431
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22112 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoFix error handling issue in ASN.1 decoder
Greg Hudson [Tue, 17 Mar 2009 21:54:51 +0000 (21:54 +0000)]
Fix error handling issue in ASN.1 decoder

In asn1_k_decode.c, check the return value of
end_sequence_of_no_tagvars_helper.

ticket: 6427
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22107 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoVerify return code from krb5_db_set_mkey_list
Zhanna Tsitkov [Mon, 16 Mar 2009 18:00:06 +0000 (18:00 +0000)]
Verify return code from krb5_db_set_mkey_list

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22100 dc483132-0cff-0310-8789-dd5450dbe970

15 years agomake depend
Sam Hartman [Mon, 16 Mar 2009 16:54:40 +0000 (16:54 +0000)]
make depend

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22098 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement tests for authdata functions
Sam Hartman [Mon, 16 Mar 2009 16:50:30 +0000 (16:50 +0000)]
Implement tests for authdata functions

Implement some test cases for krb5_merge_authdata and
krb5int_find_authdata

ticket: 6422

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22097 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement krb5int_find_authdata
Sam Hartman [Mon, 16 Mar 2009 16:50:26 +0000 (16:50 +0000)]
Implement krb5int_find_authdata

Implement a function to find all instances of a particular ad_type in
ticket or authenticator authdata.

ticket: 6422

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22096 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement test cases for CF2
Sam Hartman [Mon, 16 Mar 2009 16:50:23 +0000 (16:50 +0000)]
Implement test cases for CF2

Implement a simple program to call KRB-FX-CF2 and print the resulting
keys.  Add to regression tests.  Also, use the PRF testing application
to confirm that CF2 generates consistent keys if called by hand.

ticket: 6421

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22095 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImplement KRB-FX_CF2
Sam Hartman [Mon, 16 Mar 2009 16:50:09 +0000 (16:50 +0000)]
Implement KRB-FX_CF2

Draft-ietf-krb-wg-preauth-framework defines a function KRB-FX-CF2 that
combines two keys of arbitrary enctype.  Implement this function as an
exported API.

ticket: 6421

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22094 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCall kdb_set_mkey_list from the KDC
Sam Hartman [Mon, 16 Mar 2009 16:50:04 +0000 (16:50 +0000)]
Call kdb_set_mkey_list from the KDC

In order for the kdb keytab to be used from within the KDC, the KDC
needs to set the master key list in the context.

ticket: 6424
Target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22093 dc483132-0cff-0310-8789-dd5450dbe970

15 years agokrb5_auth_con_free should support freeing a null auth_context without segfault
Sam Hartman [Mon, 16 Mar 2009 16:49:59 +0000 (16:49 +0000)]
krb5_auth_con_free should support freeing a null auth_context without segfault

If the input auth_con is NULL, return success.

ticket: 6423

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22092 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdd LDAP back end support for canonical name attribute
Greg Hudson [Sun, 15 Mar 2009 04:21:12 +0000 (04:21 +0000)]
Add LDAP back end support for canonical name attribute

Add a krbCanonicalName attribute to the schema.  When looking up a
principal, if the canonical name is set and does not match the
requested name, then return the entry only if canonicalization was
requested, and use the entry's canonical name.

ticket: 6420
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22090 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoDocument alias support in LDAP back end
Greg Hudson [Sun, 15 Mar 2009 04:15:16 +0000 (04:15 +0000)]
Document alias support in LDAP back end

Add a few paragraphs to the LDAP instructions on creating aliases
through direct manipulation of the LDAP data, and briefly explain when
aliases will be used.

ticket: 6419
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22089 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoImprove LDAP admin documentation
Greg Hudson [Sat, 14 Mar 2009 05:46:18 +0000 (05:46 +0000)]
Improve LDAP admin documentation

Use dc=example,dc=com as the example base DN instead of more archaic
forms.  Provide a little more cross-referencing of concepts and
mechanisms.  Add additional steps in the OpenLDAP setup instructions
for choosing DNs for the Kerberos container, KDC service, and kadmin
service.  Explain a little bit about what the Kerberos container and
realm container are.  Be clearer that using separate subtrees from the
realm container for principals is an option, not a necessity, and
don't use the base DN as an example of a separate subtree (it's
confusing).

ticket: 6418
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22088 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoCVE-2009-0845 SPNEGO can dereference a null pointer
Tom Yu [Fri, 13 Mar 2009 21:16:14 +0000 (21:16 +0000)]
CVE-2009-0845 SPNEGO can dereference a null pointer

acc_ctx_new() can return an error condition without establishing a
SPNEGO context structure.  This can cause a null pointer dereference
in cleanup code in spnego_gss_accept_sec_context().

ticket: 6417
tags: pullup
target_version: 1.7

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22084 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoUse correct salt for canonicalized principals
Greg Hudson [Fri, 13 Mar 2009 03:10:12 +0000 (03:10 +0000)]
Use correct salt for canonicalized principals

In cases where the salt is derived from the client principal, use the
canonicalized principal received from the KDC to determine the salt.
Further changes are probably required for some preauth cases.

ticket: 6415
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22083 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoBetter fix: Delay setting 'outbuf' until after the header buffer might
Ken Raeburn [Thu, 12 Mar 2009 22:06:35 +0000 (22:06 +0000)]
Better fix: Delay setting 'outbuf' until after the header buffer might
have been allocated locally, and set it in both code paths instead of
just the confidentiality-requested code path.

ticket: 6412
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22082 dc483132-0cff-0310-8789-dd5450dbe970

15 years agocrash using library-allocated storage for header in wrap_iov
Ken Raeburn [Thu, 12 Mar 2009 16:48:15 +0000 (16:48 +0000)]
crash using library-allocated storage for header in wrap_iov

When allocating storage for the header buffer, update the internal
output buffer pointer as well.

ticket: 6412
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22081 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoReport verbose error messages from KDC
Greg Hudson [Wed, 11 Mar 2009 22:14:24 +0000 (22:14 +0000)]
Report verbose error messages from KDC

We were losing verbose error messages when logging from the KDC because
the context passed to krb5_klog_init did not match the realm-specific
context used for most library function calls.  Introduce a wrapper
function kdc_err which copies the error state from the call context
to the log context.  The wrapper function also knows the program name,
which removes the need to pass argv[0] around everywhere or make up
program names.

ticket: 6408
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22079 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake a working krb5_copy_error_message
Greg Hudson [Wed, 11 Mar 2009 22:11:06 +0000 (22:11 +0000)]
Make a working krb5_copy_error_message

The krb5_copy_error_state macro wasn't used, didn't work, and didn't
need to be a macro.  Replace it with an exported API function named
krb5_copy_error_message.

ticket: 6407
target_version: 1.7
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22078 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake Lite Client lib link again
Zhanna Tsitkov [Wed, 11 Mar 2009 15:36:41 +0000 (15:36 +0000)]
Make Lite Client lib link again

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22077 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoMake it link again
Zhanna Tsitkov [Wed, 11 Mar 2009 15:32:14 +0000 (15:32 +0000)]
Make it link again

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22076 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoSeveral small fixes to enable the migrate mkey commands to work properly with a LDAP...
Will Fiveash [Tue, 10 Mar 2009 20:26:24 +0000 (20:26 +0000)]
Several small fixes to enable the migrate mkey commands to work properly with a LDAP KDB.  See the ticket for more details

ticket: 6405
Tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22073 dc483132-0cff-0310-8789-dd5450dbe970

15 years agoAdded test for KRB5_NT_UNKNOWN princ type
Zhanna Tsitkov [Tue, 10 Mar 2009 14:49:43 +0000 (14:49 +0000)]
Added test for KRB5_NT_UNKNOWN princ type

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@22072 dc483132-0cff-0310-8789-dd5450dbe970