cred could be used uninitialized if krb5_timeofday() failed. defcred
had the wrong type. kg_cred_resolve() should be used instead of
krb5_gss_validate_cred() to do delayed name/ccache resolution and get
a lock.
For default credentials, defer ccache resolution until we need the
information. If this happens in init_sec_context when we have the
target principal in hand, use krb5_cc_select() to pick a cache. If
the target principal is not known, use the default cache.
For credentials with a specified principal, use krb5_cc_cache_match()
to find the cache. If no cache is found and a password is specified,
create a new cache within the collection to hold the new credentials,
if the default cache type supports a collection.
The interface has two built-in modules. The realm module guesses a
cache based on the server realm if it is known. The k5identity module
(Unix only) chooses a client principal based on rules in a .k5identity
file in the user's homedir.
* "kdestroy -A" destroys all caches in collection.
* "kinit princ" searches the collection for a matching cache and
overwrites it, or creates a new cache in the collection, if the
type of the default cache is collection-enabled. The chosen cache
also becomes the primary cache for the collection.
* "klist -l" lists (in summary form) the caches in the collection.
* "klist -A" lists the content of all of the caches in the collection.
* "kswitch -c cache" (new command) makes cache the primary cache.
* "kswitch -p princ" makes the cache for princ the primary cache.
Do not yield any default caches in the top level cccol implementation.
In the FILE type, yield the default cache if it exists and is of type
FILE, instead of yielding the set of open file caches.
* krb5_cc_get_full_name retrieves the full type:name of a cache.
* krb5_cc_switch makes a cache the primary cache.
* krb5_cc_cache_match searches the collection for a client principal.
* krb5_free_string releases a string (for the krb5_cc_get_full_name
result).
All of these are from Heimdal except for krb5_free_string (Heimdal uses
krb5_xfree).
The DIR ccache type supports a collection of credential caches within
a private directory (which must be created out of band). One cache is
designated as primary at any given time. Setting the default cache
name to DIR:dirname will cause caches within dirname to be present in
the global cache collection.
verto uses dladdr() to figure out where it should look for modules,
and dladdr may or may not follow symlinks. Hard links ensure that it
always looks in the directory where liblinks are, allowing it to find
the verto-k5ev module.
Make symlinks within the lib directory for .so and .so.X instead of
symlinking those back to the library build directory.
Ken Raeburn [Mon, 5 Sep 2011 01:58:48 +0000 (01:58 +0000)]
Instead of passing a 0 to add_new_mkey for kvno and leaving
new_mkey_kvno (used when stashing) uninitialized, use get_next_kvno to
set the latter to the only non-zero value that add_new_mkey will
accept.
Ken Raeburn [Mon, 5 Sep 2011 01:22:03 +0000 (01:22 +0000)]
Fix "may be used uninitialized" warnings in db2 code, even though all
such cases appear to be safe. This will permit making
uninitialized-variable messages fatal.
Ken Raeburn [Mon, 5 Sep 2011 01:21:55 +0000 (01:21 +0000)]
Silence various "may be used uninitialized" warnings from GCC caused
by it not figuring out the control flow (initialization and use both
tied to some other variable).
Add configure and build support for libverto and the libverto-k5ev
module. Fix the version script rules to work for libraries with
hyphens in their names.
By making an entry for $hostname in [domain_realm], we can relax the
requirement that the canonicalized local hostname must have a parent
domain. This makes the test suite work more easily on Fedora.
socket.getfqdn() tries to produce a result containing a period, so it
may disagree with krb5_sname_to_principal's result--for example, in
Fedora's default DHCP configuration. Use getaddrinfo and getnameinfo
calls mirroring krb5_sname_to_principal's logic instead.
When terminating a connection, close and invalidate conn->fd so that
we don't look for it in selstate on the next select or poll
invocation. Looking for such an fd is harmless when using select, but
results in an assertion failure when using poll.
Greg Hudson [Mon, 29 Aug 2011 17:20:37 +0000 (17:20 +0000)]
Fix style issues in r25087
* Function names should be at the beginning of lines in definitions.
* Changes should not create lines >79 characters.
* Continuation lines should align after left parens when appropriate.
Also, krb5_gss_accept_sec_context_ext and acquire_accept_cred are
not gss mechanism functions and should not have been tagged.
Greg Hudson [Fri, 26 Aug 2011 17:56:44 +0000 (17:56 +0000)]
Remember and close the kadmin socket we opened
Prior to ticket #6746, the RPC library opened the kadmin socket and
took responsibility for closing. When we added IPv6 support, the
calling code became the owner of the socket but wasn't closing it,
resulting in a file descriptor leak.
Zhanna Tsitkov [Mon, 22 Aug 2011 20:24:07 +0000 (20:24 +0000)]
Minor reformatting of kdb5_ldap_util documentation. Also, removed duplicates from ldap_operations documentation by referencing kdb5_ldap_util documentation subsections
Zhanna Tsitkov [Mon, 22 Aug 2011 16:54:20 +0000 (16:54 +0000)]
Removed repetitive text from "Operations on the Kerberos database" sub-section of database administration section. Reference to kdb5_util commands documentation instead
Greg Hudson [Thu, 11 Aug 2011 16:37:55 +0000 (16:37 +0000)]
Fix call to gss_inquire_cred from spnego_gss_acquire_cred_impersonate_name
If desired_mechs is NULL (this should never happen when invoked from
the MIT mechglue), we call gss_inquire_cred to get a list of mechs.
This call needs to pass a union cred handle, not the SPNEGO handle we
got as input. Reported by aberry@likewise.com.
Greg Hudson [Thu, 11 Aug 2011 15:13:52 +0000 (15:13 +0000)]
Fix major status handling in gss_acquire_cred
If we have at least one cred element after the mech loop, reset major
before continuing on, or we could mistakenly return a failure status
from the last mech (and free the returned creds). Reported by
aberry@likewise.com.
Sam Hartman [Tue, 9 Aug 2011 20:07:39 +0000 (20:07 +0000)]
Windows fixes for gss-client.c
close(s) -> closesocket(s)
#include "port-sockets.h" (for closesocket())
#include "winsock.h" -> #include "winsock2.h" for consistency with port-sockets.h
call WSAStartup() before using sockets functions on Windows
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
Signed-off-by: Sam Hartman <hartmans@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25089 dc483132-0cff-0310-8789-dd5450dbe970
Sam Hartman [Tue, 9 Aug 2011 20:07:34 +0000 (20:07 +0000)]
Fix rare duplicate time issue
On systems with imprecise clocks (e.g. Windows), there was an issue
where microsecond rollover could conceivably cause the same time to be
reported twice. Also document potential performance improvement by
using thread-local storage for last_time and eliminating the mutex.
Signed-off-by: Kevin Wasserman <kevin.wasserman@painless-security.com>
Signed-off-by: Sam Hartman <hartmans@painless-security.com>
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@25088 dc483132-0cff-0310-8789-dd5450dbe970
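Added example, not part of the commit above or of the krb5 source: one way to hand out strictly increasing timestamps from a coarse clock, including the microsecond rollover case that commit message describes. The names ts, unique_time and stuck_clock_is_monotonic are hypothetical, and the clock readings are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names throughout; this is not the krb5 implementation. */
struct ts { int64_t sec; int32_t usec; };

/* Last value handed out; shared state, so threaded callers need a lock. */
static struct ts last_time = { 0, 0 };

static int ts_le(struct ts a, struct ts b)
{
    return a.sec < b.sec || (a.sec == b.sec && a.usec <= b.usec);
}

/* Turn a raw clock reading into a strictly increasing timestamp. */
struct ts unique_time(struct ts raw)
{
    struct ts now = raw;
    /* Compare the whole timestamp: once a rollover has pushed last_time
     * into the next second, a coarse clock can still report the old one. */
    if (ts_le(now, last_time)) {
        now = last_time;
        if (++now.usec >= 1000000) {    /* microsecond rollover */
            now.usec = 0;
            now.sec++;
        }
    }
    last_time = now;
    return now;
}

/* Feed one coarse reading n times; 1 if each result is later than the last. */
int stuck_clock_is_monotonic(struct ts raw, int n)
{
    struct ts prev = unique_time(raw);
    for (int i = 1; i < n; i++) {
        struct ts cur = unique_time(raw);
        if (ts_le(cur, prev))
            return 0;
        prev = cur;
    }
    return 1;
}

int main(void)
{
    struct ts raw = { 100, 999998 };    /* constructed sample reading */
    printf("monotonic: %d\n", stuck_clock_is_monotonic(raw, 5));
    return 0;
}
```

Timestamps that repeat matter for Kerberos because two authenticators carrying the same time can be indistinguishable to a replay cache.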
Greg Hudson [Mon, 8 Aug 2011 18:27:15 +0000 (18:27 +0000)]
Fix accidental KDC use of replay cache
r24464 (ticket #6804) intended to remove the KDC replay cache by
eliminating all of the USE_RCACHE code, but it had the unintended side
effect of causing krb5_rd_req_decoded to use the default server
rcache. Using this cache is much less efficient because it is opened
and re-read for each request.
Set appropriate flags on the auth context to disable replay cache use
for TGS requests altogether.
Greg Hudson [Sun, 7 Aug 2011 01:12:28 +0000 (01:12 +0000)]
Add internal APIs for portable path manipulation
k5_path_split separates a path into dirname and basename.
k5_path_join joins two paths.
k5_path_isabs determines if a path is absolute.
All three functions follow the Python path function semantics.
Currently the test module doesn't run in the Windows build, but the
Windows path semantics are tested in the Unix build using specially
built objects.
Zhanna Tsitkov [Wed, 3 Aug 2011 17:50:23 +0000 (17:50 +0000)]
Added kadmin_local and krb5kdc admin programs to Sphinx doc tree.
Changed the reference labels in krb5/kdc.conf files for them to appear properly in the man pages.
Greg Hudson [Wed, 3 Aug 2011 03:41:35 +0000 (03:41 +0000)]
Fix several krb5.conf doc inconsistencies
ldap_servers was incorrectly documented as ldap_server in the admin
guide. realm_try_domains and preferred_preauth_types were documented
in the man page but not the admin guide.