Prevent bleed-through of mechglue symbols into loaded mechs
When loading a mech's symbols individually, make sure the symbol we
got wasn't just a mechglue symbol showing through because the mech
was linked against the mechglue. From r24719 in
users/lhoward/moonshot-mechglue-fixes.
Resurrect gss_userok and gss_pname_to_uid in the mechglue. Add krb5
mech implementations using krb5_kuserok and krb5_aname_to_localname,
as well as mechanism-independent implementations based on name
attributes.
From r24710, r24715, r24717, r24731, r24732, r24733, r24734, r24735,
r24747, r24816, and r24819 in users/lhoward/moonshot-mechglue-fixes,
with minor edits.
In libkrb5, move krb5int_auth_con_chkseqnum to a new file privsafe.c,
renamed to k5_privsafe_check_seqnum. Declare it in int-proto.h rather
than k5-int.h.
Add gss_encapsulate_token(), gss_decapsulate_token(), and
gss_oid_equal() APIs, which are already present in Heimdal and Shishi.
From r24737, r24738, and r24740 in
users/lhoward/moonshot-mechglue-fixes.
Greg Hudson [Tue, 29 Mar 2011 22:44:30 +0000 (22:44 +0000)]
In r21175 (on the mskrb branch, merged in r21690) the result codes for
password quality and other errors were accidentally reversed. Fix
them so that password quality errors generate a "soft" failure and
other errors generate a "hard" failure, as Heimdal and Microsoft do.
Also recognize KADM5_PASS_Q_GENERIC (added in 1.9) as a password
quality error.
Zhanna Tsitkov [Tue, 29 Mar 2011 16:22:05 +0000 (16:22 +0000)]
If the new configuration data that is passed to krb5_cc_set_config is NULL, just remove the old configuration.
Moved short krb5_cc_set_config usage example from krb5.hin into the separate file.
Zhanna Tsitkov [Tue, 29 Mar 2011 15:19:41 +0000 (15:19 +0000)]
Updated the documentation for the krb5_ error_message function family.
Created the directory doc/doxy_examples/ to hold examples used in the doxygen documentation.
Added usage example for the krb5_get/set/free_error_message functions
Greg Hudson [Mon, 28 Mar 2011 23:35:54 +0000 (23:35 +0000)]
Remove the weak key checks from the builtin rc4 enc provider. There
is no standards support for avoiding RC4 weak keys, so rejecting them
causes periodic failures. Heimdal and Microsoft do not check for weak
keys. Attacks based on these weak keys are probably thwarted by the
use of a confounder, and even if not, the reduction in work factor is
not terribly significant for 128-bit keys.
Greg Hudson [Mon, 28 Mar 2011 17:05:54 +0000 (17:05 +0000)]
Use first principal in keytab when verifying creds
In krb5_verify_init_creds(), use the first principal in the keytab
to verify the credentials instead of the result of
krb5_sname_to_principal(). Also add tests.
Greg Hudson [Thu, 24 Mar 2011 01:24:42 +0000 (01:24 +0000)]
Fix DAL documentation to recommend using krb5_db_get_context() and
krb5_db_set_context() instead of directly accessing
context->dal_handle->db_context (which requires internal headers).
Zhanna Tsitkov [Fri, 18 Mar 2011 20:48:06 +0000 (20:48 +0000)]
Move doxygen comments from source to header. Updated comments and added some usage examples.
Affected functions: krb5_cc_get_config, krb5_cc_set_config, krb5_is_config_principal
Greg Hudson [Thu, 17 Mar 2011 22:10:44 +0000 (22:10 +0000)]
KDC memory leak of reply padata for FAST replies
kdc_fast_response_handle_padata() replaces rep->padata, causing the
old value to be leaked. As a minimal fix, free the old value of
rep->padata before replacing it.
Greg Hudson [Thu, 17 Mar 2011 20:02:01 +0000 (20:02 +0000)]
KDC memory leak in FAST error path
When kdc_fast_handle_error() produces a FAST-encoded error, it puts it
into err->e_data and it never gets freed (since in the non-FAST case,
err->e_data contains aliased pointers). Fix this by storing the
encoded error in an output variable which is placed into the error's
e_data by the caller and then freed.
Greg Hudson [Fri, 11 Mar 2011 17:53:18 +0000 (17:53 +0000)]
Although it can't actually happen, make it more explicit that we won't
dereference a null mech in the cleanup handler of the mechglue's
gss_accept_sec_context.
Greg Hudson [Fri, 11 Mar 2011 04:20:17 +0000 (04:20 +0000)]
Move the des and AFS string-to-key implementations into lib/crypto/krb,
since they aren't standard crypto primitives. Revise the module SPI
accordingly. Add tests for AFS string-to-key to t_str2key.c to replace
the ones in the (now defunct) t_afss2k.c.
Greg Hudson [Tue, 8 Mar 2011 19:34:31 +0000 (19:34 +0000)]
SPNEGO's accept_sec_context and init_sec_context produce a null context
on error, so it needs to silently succeed when deleting a null context.
It was instead passing the null context along to the mechglue which
would produce an error, causing a leak of the mechglue's union context
wrapper. Reported by aberry@likewise.com.
Greg Hudson [Sat, 5 Mar 2011 13:51:00 +0000 (13:51 +0000)]
Remove the init_state and free_state enctype functions and go back to
always delegating state to the enc provider. (We needed enctype-
specific state initialization for CCM enctypes when we had them.)
Greg Hudson [Wed, 2 Mar 2011 05:29:29 +0000 (05:29 +0000)]
Consolidate almost all lib/crypto/krb headers into a single
crypto_int.h. In that header, define and document responsibilities
for crypto modules, some of which are satisfied through a
module-specific crypto_mod.h. In the OpenSSL and NSS modules, remove
many of the headers and sources providing functionality which isn't
needed by lib/crypto/krb any more (direct interfaces to MD4, MD5, and
SHA-1 hashing, as well as DES weak key testing). Change most
Makefile.ins to only include headers from lib/crypto/krb and
lib/crypto/$(CRYPTO_IMPL), instead of from many different directories.
Greg Hudson [Mon, 28 Feb 2011 23:57:56 +0000 (23:57 +0000)]
Simplify lib/crypto/krb/arcfour in the wake of r23444. Move the
contents of arcfour_aead.c into arcfour.c, turn the key derivation
helper functions into static functions, and eliminate arcfour-int.h.
Greg Hudson [Mon, 28 Feb 2011 20:56:02 +0000 (20:56 +0000)]
Use the hash provider interface in krb5int_arcfour_string_to_key so
that we don't need a direct interface to MD4 in the crypto modules.
Also clean up the code a bit.
Greg Hudson [Sun, 27 Feb 2011 19:08:14 +0000 (19:08 +0000)]
Reference random-to-key handlers through the enctype instead of the
enc_provider, for consistency with string-to-key and the place of
implementation (other enc_provider functions are implemented in the
back end, but random-to-key handlers are in krb). Use a single
handler for non-DES/DES3 enctypes since it's always just directly
copying the bits. Collapse the three implementations (des, des3, and
direct) into random_to_key.c, as they're very short, and eliminate the
lib/crypto/krb/rand2key directory.
Greg Hudson [Sun, 27 Feb 2011 02:35:04 +0000 (02:35 +0000)]
Make sure ulog_map() is invoked whenever we open the database in
kdb5_util. Fixes all of the master key rollover commands in the
presence of iprop. Reported by kacarstensen@csupomona.edu.
Greg Hudson [Fri, 25 Feb 2011 17:23:54 +0000 (17:23 +0000)]
Now that all PRNG modules fit nicely into a single source file,
simplify the PRNG abstraction, flattening the implementations into
crypto/krb and removing the indirection through function pointers.
Move the guts of the NSS PRNG implementation into the nss subdir so
that crypto/krb doesn't need to be built with CRYPTO_IMPL_CFLAGS.
Greg Hudson [Thu, 24 Feb 2011 09:58:45 +0000 (09:58 +0000)]
Fortuna as default PRNG
Rewrite prng_fortuna.c to much more closely match the description of
Fortuna in chapter 9 of Cryptography Engineering. Add a facility to
get OS entropy and implement it for Unix and Windows (not yet tested
on Windows) to replace prng/fortuna/entropy.c. Rewrite the test
harness to always ensure stable output and perform a statistical test
on the predictable internal state resulting from the stable-output
tests.
projects / thirdparty / krb5.git / log
