oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
31,064 Commits 3 Branches 2 Tags
253a001ebcf4e65b482f203c092a048508c5e6bb
Commit Graph

2144 Commits

Author SHA1 Message Date
Nicolas Williams
112a82dd25 kdc: Fix memset_s() calls (fix #1296) 2026-01-20 16:05:36 -06:00
Taylor R Campbell
5589cf96c7 Sprinkle const and rk_UNCONST throughout the tests. 2026-01-18 19:06:17 -06:00
Taylor R Campbell
adeae8336c kdc: Sprinkle const and rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell
29a791f8f4 kdc: rk_UNCONST for literal shell.version. 
I assume this is used read-only by ASN1_MALLOC_ENCODE.
 2026-01-18 19:06:17 -06:00
Taylor R Campbell
294ab3ae5d kdc: Sprinkle rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell
3c2b7b865b kdc: Note strict aliasing violations. 2026-01-18 19:06:17 -06:00
Nicolas Williams
167849d621 kdc: Replace token validator plugin system 2026-01-18 19:06:16 -06:00
Nicolas Williams
cbe156d927 Use OpenSSL 3.x _only_ and implement RFC 8636 
- No more OpenSSL 1.x support
 - Remove 1DES and 3DES
 - Remove NETLOGON, NTLM (client and 'digest' service)
 2026-01-18 19:06:16 -06:00
Nicolas Williams
7439820618 hcrypto, otp: Remove hcrypto and otp! 
We must switch to OpenSSL 3.x, and getting lib/hcrypto to provide
OpenSSL 3.x APIs is too large an undertaking.  Plus the hcrypto backend
is not safe, not secure (probably has timing leaks galore), and no one
has the resources to make it a world-class crypto library, so it just
has to go.
 2026-01-18 16:09:31 -06:00
Nicolas Williams
567704f20e httpkadmind: Add -A option for async HDB writes 2026-01-18 16:09:31 -06:00
Nicolas Williams
1bc19c6c04 kdc: Fix NULL deref 2026-01-18 16:09:30 -06:00
Nicolas Williams
2a69918515 kdc: Quiet some MSVC false positive warnings 2026-01-18 16:08:40 -06:00
Nicolas Williams
52e805f3f9 kdc: Session key enctype selection needs to check the service supported enctypes 2026-01-18 16:08:40 -06:00
Ivan Korytov
5cf652bf35 kdc: Fix memory leak of encrypted preauthentication data 
Deallocate r->ek.encrypted_pa_data after response was sent to client.

Signed-off-by: Ivan Korytov <korytovip@basealt.ru>
Reviewed-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
 2025-10-09 12:33:43 -04:00
Stefan Metzmacher
50067e8171 kdc: clear et->flags.ok_as_delegate if cross-realm krbtgt does not have it 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2025-04-16 10:27:45 -04:00
Stefan Metzmacher
225d1c4c0e kdc: Constrained delegation requires a local delegating server 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15837

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2025-04-16 10:27:19 -04:00
Stefan Metzmacher
c0f63fba5c kdc: KRB5_ANON_REALM needs 'const Realm' 
Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2025-04-16 10:25:39 -04:00
Jo Sutton
6b08c05258 kdc: Enforce hardware authentication for accounts requiring it 
Signed-off-by: Jo Sutton <josutton@catalyst.net.nz>
 2024-07-06 16:08:56 -04:00
Jeffrey Altman
c753ed5b7f kdc: APPLE disable enable-pkinit by default as documented 
commit 4d48b172ab ("add pkinit
configration for btmm") introduced automatic configuration of
the 'pkinit_kdc_identity' and 'pkinit_kdc_friendly_name' on macOS
but also modified the default for the 'enable_pkinit' setting
such that pkinit is enabled on all __APPLE__ platforms overriding
the [kdc] enable-pkinit setting obtained from the configuration.

This change modifies the enable-pkinit behavior on __APPLE__ platforms
to match those on every other platform.  __APPLE__ platforms will
continue to auto-configure the [kdc] pkinit_identity and
[kdc] pkinit_anchors if they are not specified in the configuration.
 2024-06-16 23:27:37 -04:00
Jeffrey Altman
2d89b4c27c kdc: -Wcalloc-transposed args 
warning: 'calloc' sizes specified with 'sizeof' in the earlier argument
and not in the later argument [-Wcalloc-transposed-args].

Swap the args.
 2024-06-04 06:22:37 -04:00
Daria Phoebe Brashear
d8c10e68a6 kdc: per-target CPPFLAGS do not have an _AM in the variable name 
when microhttpd is present, bx509d does not build because the
automake-emitted makefile is wrong
 2024-05-20 22:04:21 -04:00
Nicolas Williams
2e94b7855c doc: Clarify kdc --ports / [kdc] ports (fix #1223) 2024-01-16 11:28:35 -06:00
Joseph Sutton
597b59dfb7 kdc: Return NEVER_VALID error code if ticket will never be valid 
This matches the error generated by Windows.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2024-01-09 16:06:06 -06:00
Stefan Metzmacher
baf1930b6a kdc: don't fail salt_fastuser_crypto with r->req.req_body.cname == NULL for TGS-REQ 2024-01-09 16:06:06 -06:00
Joseph Sutton
4de8b3564e kdc: Fix leak with PK-INIT-Win2k 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2024-01-09 16:06:06 -06:00
Joseph Sutton
71fd391036 kdc: Fix spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2024-01-09 16:06:06 -06:00
Taylor R Campbell
19505537fd Ensure all calls to rk_dns_lookup are headed by a block_dns check. 
Exception: In lib/kafs/common.c, we don't have a krb5_context in
which to check.
 2024-01-08 10:22:02 -06:00
Taylor R Campbell
fd77c4000d Ensure all calls to getaddrinfo are headed by a block_dns check. 
If block_dns is set, call getaddrinfo with AI_NUMERICHOST set and
AI_CANONNAME clear.

Some paths may not have set AI_CANONNAME, but it's easier to audit
this way when the getaddrinfo prelude is uniform across call sites,
and the compiler can optimize it away.
 2024-01-08 10:22:02 -06:00
Joseph Sutton
0e9e1a4f31 kdc: Make parameter const 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
ffac143401 kdc: Finish incomplete log message 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
9ba687cf22 kdc: Fix log message 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
68b475fa2e kdc: Finish incomplete warning message 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
079088e543 kdc: Fix incorrect log message 
‘list.len’ can be equal to zero.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:37:56 -05:00
Joseph Sutton
fbe89adf27 kdc: Fix spelling of error and log messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
560c9da844 kdc: Fix code spelling 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-28 21:34:35 -05:00
Joseph Sutton
9f05c65981 kdc: Specify client time in FAST inner KRB-ERROR 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
5de5e5f7f6 kdc: Use NULL to assign to pointers 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
f8ba91164c kdc: Don’t use uninitialized variable 
The call to free_KDCDHKeyInfo(), further down, could have caused heap
corruption.

Found by Coverity (Samba CID 1544611).

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Joseph Sutton
6f73fd8206 kdc: Remove pointer cast 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-11-02 20:19:54 -05:00
Nicolas Williams
2a38fa17b5 kdc: Add global disable_pac config param 2023-06-23 13:44:13 -05:00
Nicolas Williams
66445f4341 httpkadmind: Add auth-data-reqd attribute 2023-06-23 13:44:13 -05:00
Nicolas Williams
27cdf81995 kdc: Honor no-auth-data-reqd on cross-real TGTs 
Nowadays we use PACs instead of AD-SIGNEDPATH, so we want a PAC on every
TGT, but we don't necessarily want PACs on cross-realm TGTs.

Specifically, we don't interop well yet with AD when issuing cross-realm
TGTs with AD realms as the destination realm (see #1091).
 2023-06-23 13:44:13 -05:00
Joseph Sutton
da9cad2047 kdc: Overwrite ‘error_code’ only if we have an actual error 
‘r->error_code’ might have been set earlier, and we don’t want to
overwrite it with a successful error code.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
243207f10a kdc: Ensure that we emit a non-zero error code 
If ‘r->error_code’ was zero, we would turn it into an ERR_GENERIC error
and return that to the client. Now we return the actual error code
instead.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
af0b70fcc2 kdc: Fix discarded qualifiers warning 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
043b0d02c1 kdc: Don’t abort if krb5_generate_random_keyblock() fails 
There are a few reasons that this function could fail (e.g., failure to
allocate memory) besides random number generation being unavailable. No
other caller abort()s on failure like this.

Furthermore, krb5_generate_random_block(), which is called by
krb5_generate_random_keyblock(), already aborts if random generation
fails.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
43a4c01126 kdc: Fix missing space in log messages 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
4a699f2450 kdc: Remove trailing space from log message 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
cb69ce4382 kdc: Remove trailing space from log message 
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
 2023-06-20 18:02:15 -05:00
Joseph Sutton
d83802e2d4 kdc: Fix log message typo 2023-06-20 18:02:15 -05:00