oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Fix leak in kimpersonate

Browse Source
This commit is contained in:
Nicolas Williams
2015-03-24 14:32:32 -05:00
parent 4ae3e7d40a
commit c2961ced3c
1 changed files with 55 additions and 55 deletions
Download Patch File Download Diff File Expand all files Collapse all files

110
kuser/kimpersonate.c
View File

@@ -56,11 +56,11 @@ static const char *enc_type = "aes256-cts-hmac-sha1-96";
static const char *session_enc_type = NULL; static const char *session_enc_type = NULL;
static void static void
encode_ticket (krb5_context context, encode_ticket(krb5_context context,
EncryptionKey *skey, EncryptionKey *skey,
krb5_enctype etype, krb5_enctype etype,
int skvno, int skvno,
krb5_creds *cred) krb5_creds *cred)
{ {
size_t len, size; size_t len, size;
char *buf; char *buf;
@@ -70,8 +70,8 @@ encode_ticket (krb5_context context,
EncTicketPart et; EncTicketPart et;
Ticket ticket; Ticket ticket;
memset (&enc_part, 0, sizeof(enc_part)); memset(&enc_part, 0, sizeof(enc_part));
memset (&ticket, 0, sizeof(ticket)); memset(&ticket, 0, sizeof(ticket));
/* /*
* Set up `enc_part' * Set up `enc_part'
@@ -106,7 +106,7 @@ encode_ticket (krb5_context context,
ret = krb5_crypto_init(context, skey, etype, &crypto); ret = krb5_crypto_init(context, skey, etype, &crypto);
if (ret) if (ret)
krb5_err(context, 1, ret, "krb5_crypto_init"); krb5_err(context, 1, ret, "krb5_crypto_init");
ret = krb5_encrypt_EncryptedData (context, ret = krb5_encrypt_EncryptedData(context,
crypto, crypto,
KRB5_KU_TICKET, KRB5_KU_TICKET,
buf, buf,
@@ -129,7 +129,7 @@ encode_ticket (krb5_context context,
ASN1_MALLOC_ENCODE(Ticket, buf, len, &ticket, &size, ret); ASN1_MALLOC_ENCODE(Ticket, buf, len, &ticket, &size, ret);
if(ret) if(ret)
krb5_err (context, 1, ret, "encode_Ticket"); krb5_err(context, 1, ret, "encode_Ticket");
krb5_data_copy(&cred->ticket, buf, len); krb5_data_copy(&cred->ticket, buf, len);
free(buf); free(buf);
@@ -140,7 +140,7 @@ encode_ticket (krb5_context context,
*/ */
static int static int
create_krb5_tickets (krb5_context context, krb5_keytab kt) create_krb5_tickets(krb5_context context, krb5_keytab kt)
{ {
krb5_error_code ret; krb5_error_code ret;
krb5_keytab_entry entry; krb5_keytab_entry entry;
@@ -149,30 +149,29 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt)
krb5_enctype session_etype; krb5_enctype session_etype;
krb5_ccache ccache; krb5_ccache ccache;
memset (&cred, 0, sizeof(cred)); memset(&cred, 0, sizeof(cred));
ret = krb5_string_to_enctype (context, enc_type, &etype); ret = krb5_string_to_enctype(context, enc_type, &etype);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_string_to_enctype (enc-type)"); krb5_err (context, 1, ret, "krb5_string_to_enctype (enc-type)");
ret = krb5_string_to_enctype (context, session_enc_type, &session_etype); ret = krb5_string_to_enctype(context, session_enc_type, &session_etype);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_string_to_enctype (session-enc-type)"); krb5_err (context, 1, ret, "krb5_string_to_enctype (session-enc-type)");
ret = krb5_kt_get_entry (context, kt, server_principal, ret = krb5_kt_get_entry(context, kt, server_principal, 0, etype, &entry);
0, etype, &entry);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_kt_get_entry"); krb5_err(context, 1, ret, "krb5_kt_get_entry");
/* /*
* setup cred * setup cred
*/ */
ret = krb5_copy_principal (context, client_principal, &cred.client); ret = krb5_copy_principal(context, client_principal, &cred.client);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_copy_principal"); krb5_err(context, 1, ret, "krb5_copy_principal");
ret = krb5_copy_principal (context, server_principal, &cred.server); ret = krb5_copy_principal(context, server_principal, &cred.server);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_copy_principal"); krb5_err(context, 1, ret, "krb5_copy_principal");
krb5_generate_random_keyblock(context, session_etype, &cred.session); krb5_generate_random_keyblock(context, session_etype, &cred.session);
cred.times.authtime = time(NULL); cred.times.authtime = time(NULL);
@@ -181,9 +180,9 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt)
cred.times.renew_till = 0; cred.times.renew_till = 0;
krb5_data_zero(&cred.second_ticket); krb5_data_zero(&cred.second_ticket);
ret = krb5_get_all_client_addrs (context, &cred.addresses); ret = krb5_get_all_client_addrs(context, &cred.addresses);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_get_all_client_addrs"); krb5_err(context, 1, ret, "krb5_get_all_client_addrs");
cred.flags.b = ticket_flags; cred.flags.b = ticket_flags;
@@ -191,7 +190,8 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt)
* Encode encrypted part of ticket * Encode encrypted part of ticket
*/ */
encode_ticket (context, &entry.keyblock, etype, entry.vno, &cred); encode_ticket(context, &entry.keyblock, etype, entry.vno, &cred);
krb5_kt_free_entry(context, &entry);
/* /*
* Write to cc * Write to cc
@@ -200,23 +200,23 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt)
if (ccache_str) { if (ccache_str) {
ret = krb5_cc_resolve(context, ccache_str, &ccache); ret = krb5_cc_resolve(context, ccache_str, &ccache);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_cc_resolve"); krb5_err(context, 1, ret, "krb5_cc_resolve");
} else { } else {
ret = krb5_cc_default (context, &ccache); ret = krb5_cc_default(context, &ccache);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_cc_default"); krb5_err(context, 1, ret, "krb5_cc_default");
} }
ret = krb5_cc_initialize (context, ccache, cred.client); ret = krb5_cc_initialize(context, ccache, cred.client);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_cc_initialize"); krb5_err(context, 1, ret, "krb5_cc_initialize");
ret = krb5_cc_store_cred (context, ccache, &cred); ret = krb5_cc_store_cred(context, ccache, &cred);
if (ret) if (ret)
krb5_err (context, 1, ret, "krb5_cc_store_cred"); krb5_err(context, 1, ret, "krb5_cc_store_cred");
krb5_free_cred_contents (context, &cred); krb5_free_cred_contents(context, &cred);
krb5_cc_close (context, ccache); krb5_cc_close(context, ccache);
return 0; return 0;
} }
@@ -226,28 +226,28 @@ create_krb5_tickets (krb5_context context, krb5_keytab kt)
*/ */
static void static void
setup_env (krb5_context context, krb5_keytab *kt) setup_env(krb5_context context, krb5_keytab *kt)
{ {
krb5_error_code ret; krb5_error_code ret;
if (keytab_file) if (keytab_file)
ret = krb5_kt_resolve (context, keytab_file, kt); ret = krb5_kt_resolve(context, keytab_file, kt);
else else
ret = krb5_kt_default (context, kt); ret = krb5_kt_default(context, kt);
if (ret) if (ret)
krb5_err (context, 1, ret, "resolving keytab"); krb5_err(context, 1, ret, "resolving keytab");
if (client_principal_str == NULL) if (client_principal_str == NULL)
krb5_errx (context, 1, "missing client principal"); krb5_errx(context, 1, "missing client principal");
ret = krb5_parse_name (context, client_principal_str, &client_principal); ret = krb5_parse_name(context, client_principal_str, &client_principal);
if (ret) if (ret)
krb5_err (context, 1, ret, "resolvning client name"); krb5_err(context, 1, ret, "resolvning client name");
if (server_principal_str == NULL) if (server_principal_str == NULL)
krb5_errx (context, 1, "missing server principal"); krb5_errx(context, 1, "missing server principal");
ret = krb5_parse_name (context, server_principal_str, &server_principal); ret = krb5_parse_name(context, server_principal_str, &server_principal);
if (ret) if (ret)
krb5_err (context, 1, ret, "resolvning server name"); krb5_err(context, 1, ret, "resolvning server name");
/* If no session-enc-type specified on command line and this is an afs */ /* If no session-enc-type specified on command line and this is an afs */
/* service ticket, change default of session_enc_type to DES. */ /* service ticket, change default of session_enc_type to DES. */
@@ -261,12 +261,12 @@ setup_env (krb5_context context, krb5_keytab *kt)
ticket_flags_int = parse_flags(ticket_flags_str, ticket_flags_int = parse_flags(ticket_flags_str,
asn1_TicketFlags_units(), 0); asn1_TicketFlags_units(), 0);
if (ticket_flags_int <= 0) { if (ticket_flags_int <= 0) {
krb5_warnx (context, "bad ticket flags: `%s'", ticket_flags_str); krb5_warnx(context, "bad ticket flags: `%s'", ticket_flags_str);
print_flags_table (asn1_TicketFlags_units(), stderr); print_flags_table(asn1_TicketFlags_units(), stderr);
exit (1); exit(1);
} }
if (ticket_flags_int) if (ticket_flags_int)
ticket_flags = int2TicketFlags (ticket_flags_int); ticket_flags = int2TicketFlags(ticket_flags_int);
} }
} }
@@ -302,26 +302,26 @@ struct getargs args[] = {
}; };
static void static void
usage (int ret) usage(int ret)
{ {
arg_printusage (args, arg_printusage(args,
sizeof(args) / sizeof(args[0]), sizeof(args) / sizeof(args[0]),
NULL, NULL,
""); "");
exit (ret); exit(ret);
} }
int int
main (int argc, char **argv) main(int argc, char **argv)
{ {
int optidx = 0; int optidx = 0;
krb5_error_code ret; krb5_error_code ret;
krb5_context context; krb5_context context;
krb5_keytab kt; krb5_keytab kt;
setprogname (argv[0]); setprogname(argv[0]);
ret = krb5_init_context (&context); ret = krb5_init_context(&context);
if (ret) if (ret)
errx(1, "krb5_init_context failed: %u", ret); errx(1, "krb5_init_context failed: %u", ret);