Greg Hudson [Sun, 18 Oct 2009 17:17:42 +0000 (17:17 +0000)]
Add reference counts to key identifiers, so that they can have multiple owners
without having to create multiple underlying PKCS#11 objects (or similar).
Greg Hudson [Mon, 5 Oct 2009 18:30:00 +0000 (18:30 +0000)]
Respecify most crypto internals in terms of krb5_key.
Implement krb5_k_encrypt/decrypt/etc. with krb5_c versions as wrapers.
OpenSSL back end not yet updated since it is undergoing work on trunk.
Move the implementation of krb5_copy_keyblock[_contents] into crypto
to allow internal use (similar to krb5_free_keyblock[_contents]).
Define krb5_key type and initial internal representation.
Define the constructor, destructor, and accessors.
Create a new branch (from trunk r22791) for work on encryption
performance, as described in:
http://k5wiki.kerberos.org/wiki/Projects/Encryption_Performance
Add keytab_local.c to the kadmin client SRCS variable, so that we
generate dependencies for its object file. This change causes
kadmin.local to be properly rebuilt when keytab.c changes.
Clean up krb5_get_credentials:
* Use the current coding practice for output parameters.
* Rename the helper function krb5_get_credentials_core to
krb5int_construct_matching_creds and document it.
* Don't fail out if we fail to cache intermediate tgts.
* Simplify conditional logic and variable handling. ncreds is now
always a temporary holder for the resulting credentials.
Improve the mechanism used for addprinc -randkey. In the kadmin
server, if the password is null when creating a principal, treat that
as a request for a random key. In the kadmin client, try using the
new method for random key creation and then fall back to the old one.
Fix addprinc -randkey when policy requires multiple character classes
The fix for ticket #6074 (r20650) caused a partial regression of
ticket #115 (r9210) because the dummy password contained only one
character class. As a minimal 1.7 fix, use all five character classes
in the dummy password.
Remove autoconf.h on "make distclean".
Check for the presence of a build in the src tree for "make depend".
Suggest "make distclean" when "make depend" detects a build in the
src tree or an attempt to make depend in the src tree.
Create DB headers before recursing for "make depend" in
plugins/kdb/db2/libdb2, to restore the r22486 functionality ("make
depend" in an unbuilt source tree) after r22572 (predictable "make
depend" output for DB headers).
Ken Raeburn [Tue, 15 Sep 2009 06:17:17 +0000 (06:17 +0000)]
Check __BIG_ENDIAN__ and __LITTLE_ENDIAN__ to determine endianness.
In fallback code, check ia64 platforms for hpux vs everything else;
HP-UX uses big-endian mode.
In ksetpwd (a program we don't yet install), don't display the new
password to stderr. Cherry-picked from Luke's s4u branch since it's
an unrelated change.
Supply canonical name if present in LDAP iteration
In the presence of aliases, LDAP iteration was supplying the first
principal it found within the expected realm, which is not necessarily
the same as the canonical name. If the entry has a canonical name
field, use that in preference to any of the principal names.
Supply LDAP service principal aliases to non-referrals clients
In the LDAP back end, return aliases when the CLIENT_REFERRALS_ONLY
flag isn't set (abusing that flag to recognize a client name lookup).
Based on a patch from Luke Howard.
Greg Hudson [Fri, 28 Aug 2009 21:22:10 +0000 (21:22 +0000)]
Clean up a little bit of test suite spew in env-setup: first, when
using BSD options with ps, they should not be prefixed with a '-';
second, the Linux ps supports both BSD and System V options, so change
the structure of the tests not to warn when both forms work.
Greg Hudson [Fri, 28 Aug 2009 21:02:51 +0000 (21:02 +0000)]
Update a kadm5 testing library function which was calling
kadm5_get_principal without a mask argment. This was causing many
lib/kadm5 tests to fail, but the failures weren't being recorded
properly, so "make check" was still exiting successfully.
Tom Yu [Fri, 28 Aug 2009 20:29:24 +0000 (20:29 +0000)]
Remove bogus conditional from tcl_kadm5_randkey_principal(), which was
causing unparse_keyblocks() to get stack garbage as num_keys when
num_var was "null", thus overrunning the end of the array.
Greg Hudson [Fri, 28 Aug 2009 16:00:54 +0000 (16:00 +0000)]
Disable the COPY_FIRST_CANONNAME workaround on Linux glibc 2.4 and
later, since it leaks memory on fixed glibc versions. We will still
leak memory on glibc 2.3.4 through 2.3.6 (e.g. RHEL 4) but that's
harder to detect.
Greg Hudson [Thu, 27 Aug 2009 13:40:50 +0000 (13:40 +0000)]
Memory leak in spnego accept_sec_context error path
If the underlying mechanism's accept_sec_context returns an error, the
spnego accept_sec_context was leaving allocated data in
*context_handle, which is incorrect for the first call according to
RFC 2744.
Fix this by mirroring some code from the spnego init_sec_context,
which always cleans up the half-constructed context in case of error.
This is allowed (though not encouraged) by RFC 2744 for second and
subsequent calls; since we were already doing it in init_sec_context,
it seems simpler to do that than keep track of whether this is a first
call or not.
Ken Raeburn [Fri, 21 Aug 2009 22:37:55 +0000 (22:37 +0000)]
Rename db2 header files db.h and db-config.h in the source tree, so
that there will always be only one version of each name in the include
path (namely, the copy made in the build tree, or the generated db.h
if not using the in-tree one). This should fix some minor problems
with different dependency lists generated on different systems.
Sort and uniquify dependency header names before doing substitutions,
as well as after. Look for the db2 headers listed in sorted order.
Don't copy db-ndbm.h into the build tree; let libdb2 find it from the
source tree only.
Ken Raeburn [Fri, 21 Aug 2009 18:32:50 +0000 (18:32 +0000)]
Change "vague-errors" compile-time conditionals into run-time
conditionals, based on a variable initialized based on the
compile-time conditional (but probably eventually set from the config
file or command line).
Greg Hudson [Mon, 17 Aug 2009 19:40:48 +0000 (19:40 +0000)]
Modify kadm5 initializers to accept krb5 contexts
Add krb5_context parameters to all kadm5 initialization functions.
This allows extended error information to be retrieved by the caller
when an error is returned.
Greg Hudson [Thu, 13 Aug 2009 21:25:54 +0000 (21:25 +0000)]
Remove kadmin v1 API support
The kadmin v1 API and the even older ovsec_kadm_* API were legacy when
kadmin was first incorporated in 1996, and compatibility with them is
no longer believed to be necessary.
The uninstalled kadmin/passwd has been removed (since it used the ovsec
API). The test suite has been updated to use the v2 API where
appropriate, and the parts specifically designed to test the old API
have been excised.
Greg Hudson [Wed, 12 Aug 2009 18:53:47 +0000 (18:53 +0000)]
Reply message ordering bug in ftpd
user() was replying to the user command and then calling login(),
which could send a continuation reply if it fails to chdir to the
user's homedir. Continuation replies must come before the actual
reply; the mis-ordering was causing ftp and ftpd to deadlock. To fix
the bug, invoke login() before reply() so that the continuation reply
comes first.
Ken Raeburn [Wed, 12 Aug 2009 17:58:24 +0000 (17:58 +0000)]
r22529@squish: raeburn | 2009-08-12 13:49:45 -0400
.
r22530@squish: raeburn | 2009-08-12 13:55:57 -0400
Change KRBCONF_KDC_MODIFIES_KDB to a mostly run-time option.
Change all code conditionals to test a new global variable, the
initial value of which is based on KRBCONF_KDC_MODIFIES_KDB. There is
currently no way to alter the value from the command line; that will
presumably be desired later.
Change initialize_realms to store db_args in a global variable. In
process_as_req, call db_open instead of the old set_name + init.
Don't reopen if an error is reported by krb5_db_fini.
Add a test of running kinit with an incorrect password, to trigger a
kdb update if enabled.
r22531@squish: raeburn | 2009-08-12 13:58:13 -0400
Fix trailing whitespace.
Greg Hudson [Mon, 10 Aug 2009 19:35:34 +0000 (19:35 +0000)]
Correct the t_nfold build rules again. We don't have a simple way of
plucking object files from other directories (we don't know for sure
what extension to use), so build an nfold.o in this directory from the
nfold.c in the ../krb source directory.
Greg Hudson [Mon, 10 Aug 2009 05:16:24 +0000 (05:16 +0000)]
In pkinit_clnt.c, make private functions static. There and in
pkinit_srv.c, only declare static functions when necessary for forward
references (as is consistent with the other pkinit sources). Remove
the empty functions pkinit_init_client_profile and
pkinit_fini_client_profile.
Greg Hudson [Mon, 10 Aug 2009 04:42:44 +0000 (04:42 +0000)]
Remove pkinit_identity_process_option, which wasn't doing anything
besides picking a subsidiary function based on the (constant) input
argument. Remove the associated constants from pkinit.h as well. No
functional change.
Greg Hudson [Fri, 7 Aug 2009 19:17:57 +0000 (19:17 +0000)]
Fix the LDAP build, which was broken by the build reordering in
r22406. Build kdb5_util's getdate from the kadmin/cli getdate
source, instead of borrowing the object file from the kadmin/cli
build directory.
Greg Hudson [Mon, 3 Aug 2009 23:18:42 +0000 (23:18 +0000)]
In crypto_tests: for t_nfold, link against an nfold object file in the
build directory, not the source directory. Remove the nfold object
from the t_encrypt dependency list since we don't directly use it in
the linking rule.
Greg Hudson [Mon, 3 Aug 2009 20:27:03 +0000 (20:27 +0000)]
Get "make depend" to work in an unbuilt source tree, since bad deps
files can make it difficult to build the tree. To do this, make the
depends target depend on generated header files and on header file
copies or links into the main include directory.
Greg Hudson [Mon, 3 Aug 2009 17:57:05 +0000 (17:57 +0000)]
In configure.in's list of Makefiles to generate, remove the trailing
slash from lib/crypto/krb as it breaks Makefile auto-regeneration.
While here, wrap the list to fit within 80 columns and use tab indents
to match the surrounding lines.
Zhanna Tsitkov [Mon, 3 Aug 2009 14:19:16 +0000 (14:19 +0000)]
Crypto modularity proj: Separate files under crypto directory based on their functionality. Move Kerberos specific files into krb subdir and MIT specific - into builtin subdir. Place all tests into crypto_tests subfolder.
Include <assert.h> in k5-platform.h, since we use assertions in some
of the macros defined there, as well as in many source files which do
not themselves include <assert.h>. Report and fix by Rainer Weikusat.
projects / thirdparty / krb5.git / log
