This will help programs that need to URL-escape strings.
Also, this changes `do_hvis()` to not fallback on `do_svis()` for chars in
`extra` -- that `do_hvis()` was doing that seems like an oversight. Christos
Zoulas, of NetBSD, agrees. `do_hvis()` still falls back on `do_svis()` for
characters not in the RFC 1808 / 3986 to-be-escaped set *and* characters not in
the `extra` set -- that much seems to have been the intent.
Now that we're using krb5_net_write() with non-blocking sockets in
ipropd_master, we MUST correctly account for partial writes.
Therefore, roken net_write() called from krb5_net_write() now
returns the number of bytes written when the socket error was
EWOULDBLOCK (or EAGAIN).
Also, fix potential issue on Windows, where errno was used instead
of rk_SOCKET_ERRNO whether or not we used _write() or send().
This is necessary in order to add proper support for CSRs in kx509,
where the KDC can examine all requested KUs/EKUs/SANs, check
authorization, and issue a certificate with all those extensions if
authorized.
This is the convention used by OpenSSL, of encoding all the KU, EKUs,
and SANs being requested as Extensions as they would appear in the
TBSCertificate, then putting those in as a single Attribute in the CSR's
Attributes list with attribute OID {id-pkcs-9, 14}.
- expose all hx509_request_*() functions
- finish support in hx509_request_parse*() for KU, EKU, and SAN CSR
attributes
- finish support in hx509_request_to_pkcs10() for encoding all
requested KU, EKU, and SAN extensions as a CSR extReq (extension request)
- add hx509_request_add_*() support for:
- id-pkinit-san and ms-upn-pkinit-san
- XMPP (Jabber) SAN
- registeredID (useless but trivial)
- add hxtool request-create options for all supported SANs
- add hxtool request-create options for KeyUsage
- add hxtool request-create options for ExtKeyUsage
- add hxtool request-print support for all these things
- fix bugs in existing id-pkinit-san handling
Possible future improvements
- add HX509_TRACE env var and support (it would be nice to be able to
observe why some certificate is rejected, or not matched in a query)
- add testing that CSR creating and printing round-trip for all KUs,
EKUs, and SANs
(probably in tests/kdc/check-pkinit.in)
- add testing that OpenSSL can print a CSR made by hxtool and
vice-versa
- hxtool ca: add KU sanity checking (via hx509_ca_sign() and/or friends)
(don't allow encrypt for signing-only algs)
(don't allow encrypt for RSA at all, or for RSA with small e exponents)
- hxtool request-print: warn about all unknown attributes and
extensions
- hxtool ca: MAYBE add support for adding requested extensions from the
--req=CSR
("Maybe" because CA operators should really verify and authorize all
requested attributes, and should acknowledge that they have, and the
simplest way to do this is to make them add all the corresponding
CLI arguments to the hxtool ca command, but too, that is
error-prone, thus it's not clear yet which approach is best.
Perhaps interactively prompt for yes/no for each attribute.)
- add additional SAN types:
- iPAddress (useless?)
- dNSSrv (useful!)
- directoryName (useless, but trivial)
- uniformResourceIdentifier (useful)
- it would be nice if the ASN.1 compiler could generate print
functions..., and/or even better, to-JSON functions
- it would be nice if we had a known-OID db, including the names of the
types they refer to in certificate extensions, otherName SANs and CSR
attributes, then we could generate a CSR and certificate printer for
all known options even when they are not supported by the rest of
Heimdal
- and we could also get friendly names for OIDs, and we could
resolve their arc names
- longer term, we could also stand to add some ASN.1 information
object system functionality, just enough to make
lib/hx509/asn1_print awesome by being able to automatically decode
all heim_any and OCTET STRING content (better than its current
--inner option)
The fix involves:
- Removing HAVE_STRFTIME from config.h.w32
- Adding strftime.c to the makefile
- Defining timezone and tzname to their windows equivalent
for the compile of this module
95eb83c424 ("roken: Add roken_get_username() and friends")
failed to copy the username C-String NUL terminator. As a result
a "DOMAIN\user" is returned as "userIN\user".
Change-Id: I10027e4eef18364074eecf385fa9fab1ae68dbe7
The rk_UNCONST macro exists because neither __DECONST nor uintptr_t
are available on all platforms (for example, AIX).
Change-Id: Ie36f0dd7a9ce454d411761ee4dbd6fc1f7c6692c
b10ad7eb57
("roken: strtoll.c negation is a no-op on unsigned integer")
broke strtoll() by failing to assign 'ret' in the success case.
Change-Id: I30535d83a2bef305140f1a6bd1ed2eeba23db9b9
strtoull() returns an unsigned long long. However, then the input
string represents a negative number the return value is supposed to
be the unsigned representation of the negative value. Before applying
the negation the value must be cast to (long long).
Change-Id: Icf9e75400ff736819b1f7e0e6fb3c8abd707a23a
strtoll() returns a signed long long not an unsigned long long.
When applying the negation for negatives the value must be cast
from unsigned to signed and then stored in a signed variable
before returning it.
Change-Id: If568afd2509d27c7bf206ca59d32ca150cb34857
__declspec not _declspec
Include "err.h" not <err.h>
Include "roken.h" before "err.h"
Indent "#if" as "# if" within roken.h.in when CPP rules must be copied
into the generated "roken.h".
Correct verr() attribute to be ROKEN_LIB_NORETURN_FUNCTION.
Change-Id: I4289ecaba4a097175b4a5a1cde529b59038c72e3
fix breakage introduced by 6341132175
("roken: fix build breakage, AT_HWCAP2 may be undefined (#446)").
Detected by Coverity.
Change-Id: Iefdb73d4392e5184a69a99208945ece6b7b8ecb3
When WIN32 is undefined an unreachable code warning was generated
since "/bin/sh" is returned as the default resposne.
Change-Id: I757c9d05db62c1d52fee0e510259098d73273a84
When arc4random() is available, rk_random_init() does not have to
call arc4random_stir(). ac4random_stir() will be called as a result
of the first call to arc4random().
Change-Id: I6f4a3be7c39752746657945ed15896472908f889
We add roken_get_{shell, username, appdatadir, homedir}() functions. These use
a combination of secure_getenv(), getpwuid_r(), getlogin_r(), or various WIN32
functions to get this information.
Use roken_get_appdatadir() instead of roken_get_homedir() when looking for
dotfiles.
We no longer use it since removing ftp from appl/.
Note that expansion of ~username/ couldn't have been working because
k_getpwnam() was being called with an unsigned short * that was forcibly
cast to char *, but it really was shorts, not chars... Anyone who ever
feels like reviving lib/roken/glob.[ch] will want to fix that...
The Solaris auxval test fails, because Solaris uses different preprocessor
symbols (and numbers) for its UID and GID auxval types.
Note that issuid() could simply be an alias of issetugid() on Solaris, so
perhaps this is not necessary.
In VC15 GetVersionEx has been deprecated. In order to continue to
support Win2K use the undeprecated VerifyVersionInfoW API
(available since Win2K).
Inline helper functions used in latest Win10 SDK to simplify code.
GetSystemTimeAsFileTime() has 16ms precision.
GetSystemTimePreciseAsFileTime() has <1ns precision but is only available
on Windows 8 or later.
This change dynamically loads GetSystemTimePreciseAsFileTime() if it is
available.
Change-Id: Ib9c616c01948384e6b256ac9b6023f1e39673613
despite the fact that the called function returns void,
returning a result here throws an error with solaris cc.
just call the function and don't return
if when we need to determine if getauxval sets errno, we determine it doesn't
after getting a 0 return code, make sure we return a value, since we didn't
previously. fall through to code we'd otherwise have called in this case
above.
