Implement a new realm flag to reject ticket requests from anonymous
principals to any principal other than the local TGT. Allows FAST to
be deployed using anonymous tickets as armor in realms where the set
of authenticatable users must be constrained.
Tom Yu [Wed, 1 Dec 2010 20:49:06 +0000 (20:49 +0000)]
Apply ported patch
If kdb5_util load (without -update) fails--say, due to an invalid dump
file--it calls krb5_db_destroy to destroy the temporary DB.
Unfortunately, this results in the destruction of the real DB instead.
Luckily, this bug only applies to krb5 1.9, which hasn't been released
yet. In krb5 1.8 the destroy operation fails before it does any damage.
Update krb5_gic_opt_private and related code to reflect the change of
krb5_expire_callback_func from a function typedef to a function
pointer typedef. This was causing segfaults.
ticket: 6819
subject: Handle referral realm in kprop client principal
target_version: 1.9
tags: pullup
kprop uses krb5_sname_to_principal() to determine its client
principal. If the local hostname cannot be mapped to a realm based on
the profile's domain_realm section, krb5_sname_to_principal() will (as
of 1.6) return a principal with the referral realm (""), which does
not work in a client principal. Handle this by substituting the
default realm.
ticket: 6827
subject: SA-2010-007 Checksum vulnerabilities (CVE-2010-1324 and others)
Fix multiple checksum handling bugs, as described in:
CVE-2010-1324
CVE-2010-1323
CVE-2010-4020
CVE-2010-4021
* Return the correct (keyed) checksums as the mandatory checksum type
for DES enctypes.
* Restrict simplified-profile checksums to their corresponding etypes.
* Add internal checks to reduce the risk of stream ciphers being used
with simplified-profile key derivation or other algorithms relying
on the block encryption primitive.
* Use the mandatory checksum type for the PKINIT KDC signature,
instead of the first-listed keyed checksum.
* Use the mandatory checksum type when sending KRB-SAFE messages by
default, instead of the first-listed keyed checksum.
* Use the mandatory checksum type for the t_kperf test program.
* Use the mandatory checksum type (without additional logic) for the
FAST request checksum.
* Preserve the existing checksum choices (unkeyed checksums for DES
enctypes) for the authenticator checksum, using explicit logic.
* Ensure that SAM checksums received from the KDC are keyed.
* Ensure that PAC checksums are keyed.
Set *conf_state on successful return from
gss_krb5int_make_seal_token_v3_iov, fixing a case where it wasn't
always set by gss_wrap_iov. Patch from aberry@likewise.com.
When we create a temporary memory ccache for use within a
krb5_gss_cred_id_rec, set a flag to indicate that the ccache should be
destroyed rather than closed. Patch from aberry@likewise.com.
In acquire_init_cred in the GSS krb5 mech, don't intern cred->name,
since it's not used as an output parameter. Fixes a memory leak.
Reported by aberry@likewise.com.
Use SECMOD_RestartModules() from the forthcoming NSS 3.12.9 release to
make the libk5crypto back end work after a fork. Add a test program
to exercise fork detection in the NSS back end. Add a configure-time
version check to ensure that we're using NSS 3.12.9 or later.
Now that SAM1 support has been removed, the KDC does not need a replay
replay cache. Remove all code within USE_RCACHE and associated support.
Rename --disable-kdc-replay-cache to --disable-kdc-lookaside-cache.
Update copyright.texinfo. Move full copyright notices to appendices
of documentation. New rules to generate top-level NOTICE file from
copyright.texinfo. Regenerate NOTICE file.
ticket: 6801
target_version: 1.9
Subject: Fix leaks in get_init_creds interface
In Debian Bug 598032, Bastian Blank points out that there are two
leaks in the get_init_creds interface:
* Free ctx->request->padata after sending the KDC request so it is not
overwritten the next time around the loop.
* If options is NULL passed into krb5_get_init_creds_init, then set up
a non-extended options structure so that krb5_get_init_creds_free will
free the options.
Greg Hudson [Thu, 7 Oct 2010 17:49:44 +0000 (17:49 +0000)]
Performance issue in LDAP policy fetch
Instead of performing a tree search to fill in the refcnt field of a
policy object whenever a policy is fetched, set the refcnt to 0 and
perform a check when policies are deleted.
Tom Yu [Tue, 5 Oct 2010 21:05:19 +0000 (21:05 +0000)]
CVE-2010-1322 KDC uninitialized pointer crash in authorization data handling (MITKRB5-SA-2010-006)
When the KDC receives certain TGS-REQ messages, it may dereference an
uninitialized pointer while processing authorization data, causing a
crash, or in rare cases, unauthorized information disclosure, ticket
modification, or execution of arbitrary code. The crash may be
triggered by legitimate requests.
Correctly implement the filtering of authorization data items to avoid
leaving uninitialized pointers when omitting items.
Greg Hudson [Tue, 5 Oct 2010 14:53:09 +0000 (14:53 +0000)]
Propagate modprinc -unlock from master to slave KDCs
Create a new tl-data type to hold the time of the last administrative
unlock, and factor it into decisions about account lockout. Since
tl-data values are propagated from master to slave, this will cause
modprinc -unlock operations to reach slave KDCs on the next
propagation.
Zhanna Tsitkov [Tue, 5 Oct 2010 03:18:22 +0000 (03:18 +0000)]
Improves prng code modularity. Introduces fortuna-like prng that can be used in lieu of yarrow.
Yarrow stays the default prng while fortuna may be engaged during configuration by using "--with-prng-alg=fortuna" flag.
Also, nss crypto backend continues to use its own prng.
Greg Hudson [Sat, 2 Oct 2010 11:48:06 +0000 (11:48 +0000)]
In the krb5_kuserok implementation, fix an unintentional type change
to "gobble" (was an int, was accidentally changed to a char) which
could result in an infinite loop.
Ken Raeburn [Sat, 2 Oct 2010 03:29:34 +0000 (03:29 +0000)]
Try to require function declarations for GCC, as we already do for the
Sun compiler.
Change the cache variable name construction to distinguish "=" from
"-" in option names. Prefer -Werror-implicit-function-declaration
over -Werror=implicit-function-declaration since in some versions of
GCC only the former works properly.
Sam Hartman [Fri, 1 Oct 2010 17:12:26 +0000 (17:12 +0000)]
Remove support for the old pa-sam-challenge and pa-sam-response
preauth type per discussion on krbdev. The pa-sam-challenge-2 code
remains in the client.
Greg Hudson [Fri, 1 Oct 2010 03:47:38 +0000 (03:47 +0000)]
A cleaner impleentation of r24399 which adds two new auth context APIs
(and is therefore less suitable for backporting to 1.8) but doesn't
reach inside the auth context structure in the krb5 mechanism code.
Greg Hudson [Fri, 1 Oct 2010 03:45:43 +0000 (03:45 +0000)]
GSSAPI forwarded credentials must be encrypted in session key
When IAKERB support was added, the krb5_mk_req checksum function
gained access to the send subkey. This caused GSSAPI forwarded
credentials to be encrypted in the subkey, which violates RFC 4121
section 4.1.1 and is not accepted by Microsoft's implementation.
Temporarily null out the send subkey in the auth context so that
krb5_mk_ncred uses the session key instead.
Use a different construction for defaulting ks_tuple and n_ks_tuple in
the libkadm5 server principal routines, to avoid repeated conditional
expressions.
Follow-on to r24258: initialize the new k5e1 error table where we
initialize the krb5 error table, and add initialize_k5e1_error_table
to the libkrb5 exports list for consistency with the other error
tables.
Make krb5_dbe_def_search_enctype skip key data entries with invalid
enctypes instead of erroring out on them. We had this behavior prior
to 1.8 (more by accident than by design), but it changed as a
side-effect of r23599.
Sam Hartman [Mon, 27 Sep 2010 17:16:41 +0000 (17:16 +0000)]
kpasswd: if a credential cache is present, use FAST
If a credentials cache is available, use it as an armor cache to enable FAST negotiation for kpasswd. This requires an attacker to attack both the user's long-term key for the old password as well as the ticket used for the armor cache in order to attack the password change. Depending on how the armor ticket is obtained, this may provide limited value. However, it provides users an easy option if they are concerned about their current password. Users can kinit with one principal to help protect changing the password of another principal.
* krb5_get_init_creds_opt_set_fast_ccache: new API to set fast ccache based on a krb5_ccache object rather than a resolvable string
* kpasswd: always open the current credential cache even if not needed
for determining the principal. If the cache has tickets, use it as
an armor cache.
* tests/dejagnu/krb-standalone/kadmin.exp: Arrange to test new code path
Add gss_krb5_import_cred from Heimdal; allows krb5 creds to be
acquired from a keytab or ccache into a GSSAPI credential without
using global process or thread variables.
Initialize kdb5_ldap_util's context with kadm5_init_krb5_context, like
kdb5_util does, in order to get the KDC profile settings as well as
the regular krb5 profile settings.
Slight revisions to create_workers() in the KDC:
* Use calloc() to allocate the pids array; squashes a Coverity false
positive.
* Don't leak the pids array in worker processes.
* Use consistent terminology in comments.
Add support for a krb5kdc -w option which causes the KDC to spawn
worker processes which can process requests in parallel. See also:
http://k5wiki.kerberos.org/wiki/Projects/Parallel_KDC
In the PKINIT OpenSSL crypto code, use a signed int to hold the result
of X509_get_ext_by_NID so we can detect negative return values.
Reported by nalin@redhat.com.
Add a license statement to the new extern.h in kinit, use an include
blocker which does not impinge on the system's symbol namespace, and
use the recommended formatting for function prototypes.
projects / thirdparty / krb5.git / log
