Greg Hudson [Fri, 16 Dec 2011 23:18:54 +0000 (23:18 +0000)]
Verify acceptor's mech in SPNEGO initiator
In spnego_gss_ctx_id_rec, store the set of negotiable mechanisms as
well as the currently selected internal_mech, which becomes an alias
into mech_set. In init_ctx_reselect, locate the acceptor's counter-
proposal in sc->mech_set and consider the token defective if it is not
found.
If krb5_server_decrypt_ticket_keytab doesn't find a key of the
appropriate enctype in an iterable keytab, it returns 0 (without
decrypting the ticket) due to a misplaced initialization of retval.
This bug causes kinit -k to claim "keytab entry valid" when it
shouldn't. Reported by mark@mproehl.net.
Tom Yu [Mon, 12 Dec 2011 20:46:20 +0000 (20:46 +0000)]
Split cci_thread_init into per-process and per-thread portions
Call the per-thread code on thread attach and per-process once per
process. Previously, while the function was named 'thread', it was
only actually called once per process. Currently, the per-thread
code does nothing on non-windows platforms and is not even actually
invoked.
Fixes a windows bug when multiple non-main threads try to use ccapi
at the same time.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
mfc bug causes assertions when dialog is generated from
within PreTranslateMessages() (MSG input param points to a global
variable which is corrupted in the dialog message loop). So we need
to instead PostMessage() to cause the popup later.
Also fixed logic to cause warning dialog to actually be modal as intended
when the leash window is not minimized.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
ticket: 7050
Tom Yu [Mon, 12 Dec 2011 20:44:30 +0000 (20:44 +0000)]
Make ccapiserver exit if its receiveloop thread terminates for any reason
This happens, for example, when the rpc endpoint is already registered
by another ccapiserver process. There's no reason to leave a zombie
process running that can't receive messages.
Greg Hudson [Fri, 9 Dec 2011 17:57:47 +0000 (17:57 +0000)]
Fix memory leaks in FAST TGS support
krb5int_fast_prep_req remove tgs from request->padata and needs to
free it. get_creds.c needs to use a fresh FAST state for each TGS
request to avoid leaking armor keys.
Greg Hudson [Wed, 7 Dec 2011 19:38:32 +0000 (19:38 +0000)]
Allow null server key to krb5_pac_verify
When the KDC verifies a PAC, it doesn't really need to check the
server signature, since it can't trust that anyway. Allow the caller
to pass only a TGT key.
Greg Hudson [Wed, 7 Dec 2011 19:38:29 +0000 (19:38 +0000)]
Add automated tests for S4U2Self and S4U2Proxy
These tests mainly exercise the client-side GSSAPI code for S4U2Self
and S4U2Proxy. They also exercise the KDC code for S4U2Self, but only
the denial logic for S4U2Proxy since the DB2 back end doesn't support
constrained delegation currently.
Greg Hudson [Wed, 7 Dec 2011 19:38:22 +0000 (19:38 +0000)]
Allow S4U2Proxy service tickets to be cached
Previous to this change, the GSS code avoids caching S4U2Proxy results
for fear of the memory cache growing without bound, but that seems
unlikely to be a serious problem. Allow these to be cached.
Greg Hudson [Wed, 7 Dec 2011 19:38:13 +0000 (19:38 +0000)]
Allow S4U2Proxy delegated credentials to be saved
The initial implementation of client-side S4U2Proxy support did not
allow delegated proxy credentials to be stored (gss_store_cred would
error out, and gss_krb5_copy_ccache would generate a non-working
cache). To make this work, we save the impersonator name in a cache
config variable and in a cred structure field (replacing the
proxy_cred flag), and make the default principal of the proxy cache
the subject principal as the caller would expect for a regular
delegated cred.
Greg Hudson [Sun, 4 Dec 2011 22:38:36 +0000 (22:38 +0000)]
Set a default enctype for optimistic preauth
When the client application requests optimistic preauth for a preauth
type which uses the password, we don't have an etype-info2 to
interpret since we haven't talked to the KDC. So we need to guess an
enctype, salt, and s2k parameters. In 1.9 and prior, encrypted
timestamp contained code to use the first requested enctype in this
case, but encrypted challenge did not. In 1.10 prior to this change,
neither mechanism uses a reasonable default.
Set a default enctype in krb5_init_creds_init so that all
password-based preauth mechanisms will use a reasonable default in the
optimistic preauth case. The default salt and s2k parameters for this
case will be the principal-based default salt and the enctype-based
default parameters.
Sam Hartman [Tue, 29 Nov 2011 21:22:21 +0000 (21:22 +0000)]
AC_CHECK_LIB should put -lcrypto in PKINIT_CRYPTO_IMPL_LIBS not LIBS
for pkinit. A similar problem exists for crypto_impl and is not
addressed by this patch.
ticket: new Subject: LIBS should not include PKINIT_CRYPTO_IMPL_LIBS tags: pullup target_version: 1.10
Sam Hartman [Wed, 23 Nov 2011 01:00:36 +0000 (01:00 +0000)]
FAST: error handling and const keyblock
krb5int_fast_process_error: Allow out_padata and retry to be null for
TGS case. Refactor function to do more frees in the exit handling and
to declare variables at the top.
krb5int_fast_reply_key: input keyblock arguments should be const
Sam Hartman [Wed, 23 Nov 2011 01:00:27 +0000 (01:00 +0000)]
ticket: new
subject: FAST PKINIT
target_version: 1.10
tags: pullup
Per RFC 6113 fast should use the inner request body for the pkinit
checksum. We did that on the KDC; now do so on the client. Remove
code that explicitly blocked pkinit under FAST.
Also, use the reply key *before* the strengthen key is applied when
verifying the PADATA_PKINIT_KX.
Greg Hudson [Tue, 22 Nov 2011 17:52:55 +0000 (17:52 +0000)]
Use POSIX constants instead of S_IREAD/S_IWRITE
S_IREAD and S_IWRITE are ancient names for S_IRUSR and S_IWUSR, and
are not defined on some modern platforms (such as Android). Use the
POSIX names instead.
Greg Hudson [Mon, 21 Nov 2011 21:14:39 +0000 (21:14 +0000)]
Clean up client-side preauth error data handling
Change the clpreauth tryagain method to accept a list of pa-data,
taken either from the FAST response or from decoding the e_data as
either pa-data or typed-data. Also change the in_padata argument to
contain just the type of the request padata rather than the whole
element, since modules generally shouldn't care about the contents of
their request padata (or they can remember it).
In krb5int_fast_process_error, no longer re-encode FAST pa-data as
typed-data for the inner error e_data, but decode traditional error
e_data for all error types, and try both pa-data and typed-data
encoding.
In PKINIT, try all elements of the new pa-data list, since it may
contain FAST elements as well as the actual PKINIT array. (Fixes an
outstanding bug in FAST PKINIT.)
Greg Hudson [Mon, 21 Nov 2011 17:30:41 +0000 (17:30 +0000)]
Recognize IAKERB mech in krb5_gss_display_status
Minor status codes were not displaying properly when originated from
the IAKERB mech, because of a safety check on mech_type. From Ralf
Haferkamp <rhafer@suse.de>.
Greg Hudson [Sun, 20 Nov 2011 05:19:45 +0000 (05:19 +0000)]
Fix failure interval of 0 in LDAP lockout code
A failure count interval of 0 caused krb5_ldap_lockout_check_policy to
pass the lockout check (but didn't cause a reset of the failure count
in krb5_ldap_lockout_audit). It should be treated as forever, as in
the DB2 back end.
This bug is the previously unknown cause of the assertion failure
fixed in CVE-2011-1528.
Greg Hudson [Tue, 15 Nov 2011 02:42:58 +0000 (02:42 +0000)]
Make verto context available to kdcpreauth modules
Add an event_context callback to kdcpreauth. Adjust the internal KDC
and main loop interfaces to pass around the event context, and expose
it to kdcpreauth modules via the rock.
Greg Hudson [Tue, 15 Nov 2011 01:59:01 +0000 (01:59 +0000)]
Update verto to 0.2.2 release
Update verto sources to 0.2.2 release versions. verto_reinitialize()
now has a return value; check it in kdc/main.c. Store verto-libev.c
alongside verto-k5ev.c to make it easy to diff corresponding versions
when updating.
Greg Hudson [Mon, 14 Nov 2011 21:45:33 +0000 (21:45 +0000)]
Simplify and fix kdcpreauth request_body callback
Alter the contract for the kdcpreauth request_body callback so that it
returns an alias to the encoded body instead of a fresh copy. At the
beginning of AS request processing, save a copy of the encoded request
body, or the encoded inner request body for FAST requests. Previously
the request_body callback would re-encode the request structure, which
in some cases has been modified by the AS request code.
No kdcpreauth modules currently use the request_body callback, but
PKINIT will need to start using it in order to handle FAST requests
correctly.
Greg Hudson [Mon, 14 Nov 2011 18:02:52 +0000 (18:02 +0000)]
Handle TGS referrals to the same realm
krb5 1.6 through 1.8 contained a workaround for the Active Directory
behavior of returning a TGS referral to the same realm as the request.
1.9 responds to this behavior by caching the returned TGT, trying
again, and detecting a referral loop. This is a partial regression of
ticket #4955. Detect this case and fall back to a non-referreal
request.
Greg Hudson [Fri, 11 Nov 2011 17:01:12 +0000 (17:01 +0000)]
Avoid looping when preauth can't be generated
If we receive a PREAUTH_REQUIRED error and fail to generate any real
preauthentication, error out immediately instead of continuing to
generate non-preauthenticated requests until we hit the loop count.
There is a lot of room to generate a more meaningful error about why
we failed to generate preauth (although in many cases the answer may
be too complicated to explain in an error message), but that requires
more radical restructuring of the preauth framework.
Greg Hudson [Fri, 11 Nov 2011 04:04:58 +0000 (04:04 +0000)]
Fix com_err.h dependencies in gss-kernel-lib
make check was failing in util/gss-kernel-lib due to dependencies
when the build is configured with --with-system-et, because depfix.pl
wasn't smart enough to substitute the dependency on com_err.h in the
current directory. Make depfix.pl smarter, and adjust COM_ERR_DEPS
to be com_err.h in gss-kernel-lib when building with the bundled
com_err.
Greg Hudson [Fri, 11 Nov 2011 02:14:56 +0000 (02:14 +0000)]
Remove -v from the preset valgrind flags
Verbose output from valgrind is rarely needed and makes it harder to
find errors and leaks in the output. When it is needed, it's easier
to add it in than to take it out.
projects / thirdparty / krb5.git / log
