Commit Graph

28559 Commits

Author SHA1 Message Date
Chris Lamb
2f3f88e53a Correct "allignment" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit 8fcc49ecd44e69d7f9ada212c63896e0dcf488a4)
2018-09-10 14:42:18 -04:00
Chris Lamb
9c2351eb25 Correct "paramaters" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit e0366ea49d5daa8fbf8b2ca22b1d3c77cc2daf9a)
2018-09-10 14:42:18 -04:00
Andrew Bartlett
d99b8acd1c do not dereference NULL pointer modules if we do not have dlopen
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2018-09-10 14:40:51 -04:00
Gary Lockyer
1c8cae58cc heimdal: Use #ifdef HAVE_DLOPEN around functions and variables used by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-10 14:40:51 -04:00
Viktor Dukhovni
492910ec1e Don't lose error status in kadm5_s_init_with_context
If either krb5_parse_name() or _kadm5_acl_init() fail
we could return success and a NULL kadm5_handle.
2018-08-05 14:37:04 -04:00
Jeffrey Altman
0f91fefe42 Update ipropd_slave.c 2018-07-29 19:51:10 -04:00
Daria Phoebe Brashear
ee6f7402ca ipropd_slave: open hdb around kadm5_log_init in case recovery needed
log_init in the event a log is found will do recovery. kadm5_log_replay
will call methods which expect an hdb_db to be set but without this
none is
2018-07-29 19:51:10 -04:00
Jeffrey Altman
1d4ebc0df7 lib/krb5: restore krb5_context_data field ordering to match 7.x
The struct krb5_context_data field can be passed to plugins
which might not be aware of the new structure layout.  To
reduce the risk of data corruption, fields must never be
removed, modified or reordered.  Old unused fields are marked
deprecated and new fields are appended to the end of the structure.

This change moves two fields that were added to master which
are not present in Heimdal 7.x:

fe43be8558 added config_include_depth.

5b39bd7c1d added no_ticket_store.

Change-Id: I28b157e128732324972c99b246a93a828bc077c1
2018-06-08 12:00:38 -04:00
Simon Wilkinson
3046fb914e krb5/crypto: Fix compiler error in new iovec CTS code
Some versions of gcc can't follow the logic in the encryption path
of the _krb5_evp_encrypt_iov_cts code, and believe that it is
possible for the lastpos structure to be used uninitialised.

This isn't actually possible. On entry to the loop, remaining is
guaranteed to be both greater than, and a multiple of blocksize.
In order to exit the loop, remaining must be set to 0. If
cursor.current.length >= remaining, then we set remaining to 0 and
also set lastpos. Otherwise, we calculate the number of whole blocks
in the current iovec, which must be less than remaining, and subtract
that from remaining. Remaining must still be a multiple of and greater
than or equal to blocksize. If remaining == blocksize, we set lastpos,
and set remaining to 0. Otherwise we consume a single block, and go
around again. All of the paths which may set remaining to 0 also
set lastpos, so lastpos must be populated when the loop terminates.

Coverity has a similiar misconception, albeit with ivec2, which is
mistaken for the same reasons.
2018-05-28 08:37:22 -04:00
Simon Wilkinson
f0bc313cef krb5/crypto: Fix a couple of places where return codes weren't
The recent iovec changes introduced a couple of places where return
codes were being incorrectly discarded. Fix them so errors get back
to callers.
2018-05-25 23:46:09 -04:00
Jeffrey Altman
e5b6a3390a Windows: add hcrypto headers to SDK
Create and populated the contents of the out/sdk/inc/hcrypto directory.

Change-Id: I9512b67b9adfee807b303471c4b7b977ad186ae7
2018-05-25 11:37:42 -04:00
Simon Wilkinson
8e301d44b1 krb5: Use iovecs for krb5_decrypt_iov_ivec
When we have an underlying iovec encryption function, use iovecs for
checksum-then-encrypt alogrithms in decrypt_iov_ivec, rather than
coalescing iovecs into a single memory buffer.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
a1c8f029b7 krb5: Add a verify mode for the HMAC_SHA1 checksum
Add a verify operation for this checksum. If a verify operation isn't
defined, then the verify_checksum code has to dynamically allocate and
free a block of memory for the computed checksum, which can be a
significant overhead when performing bulk data encryption.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c611a23d77 krb5: Add EVP iovec encryption routines
Add iovec routines for both padded CBC, and CTS EVP based encryption.

These routines go to great lengths to minimise the number of times
we call EVP_Cipher. With some EVP implementations (such as OpenSSL's
AES-NI) there is a significant entrance and exit overhead from this
routine, due to the use of SIMD vectors for the ivec.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
57f7373583 krb5: Add an optional encrypt_iov function to encryption types
Add a encrypt_iov function pointer to all of our encryption types
which can be used to implement an iovec based encryption routine.

Modify krb5_encrypt_iov so that it calls the iovec based routine
if it is available.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
62a8fc89bc krb5: Use iovec checksum in krb5_encrypt_iov_ivec
Use the iovec checksum routines in krb5_encrypt_iov_ivec. This
still marshalls all of the iovecs together to perform the encryption
operation, but this change halves the amount of time spent on
data marshalling in this function.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c45c0d3c66 krb5: Actually 0 padding
When we decide we need to zero the padding iovec, do so with 0, not
with the length that we've determined.

This had no effect because we zero the padding properly later, but it
should be fixed, so that things still work when the later memset() goes
away.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
550067f6d0 krb5: Expand list of vector types that are hashed
So that we can eventually use iovec hashes with encrypt, as well
as sign operations, add CRYPTO_TYPE_HEADER and CRYPTO_TYPE_PADDING
to the list of iovecs which will be hashed.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
2d84fc65bb hcrypto: Make more buffers persist across HMAC operations
If we don't change MD algorithm across two calls to HMAC_Init_ex
using the same context, don't bother reallocating all of our buffers.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
b9b8e76376 krb5: Stash the HMAC context in the krb5_crypto object
Store the EVP HMAC context in the krb5_crypto object so that we
don't have to allocate it for every hashing operating we perform.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
e50faea7f0 krb5: Store a digest context in the crypto structure
Creating and destroying an EVP_CTX_MD structure with every hash
operation is very expensive. Speed things up by caching one within
the krb5_crypto structure. krb5_crypto can already only be safely
used by one thread at a time - adding a message digest context here
shouldn't introduce any further threading risks.

Users of the stashed context must be careful to ensure that they
call no other hash functions whilst they are in the middle of using
the context.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
fa1e998b53 krb5: Implement krb5_verify_checksum_iov with iovecs
Instead of flattening the iovecs passed into
krb5_verify_checksum_iov, create a new internal verify_checksum_iov
function which passes iovecs down onto the individual ->verify or
->checksum functions.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
152a23f2ce krb5: Reorder checks in _key_schedule
_krb5_find_enctype is a moderately expensive operation, as it
does a linear search of the enctype lists. Avoid calling it
in _key_schedule when we already have a key schedule in place.

This change makes the most common check the first in the function.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
aedc1fd4bd krb5: Use iovecs throughout krb5_create_checksum_iov
Rather than flattening the iovecs supplied to
krb5_create_checksum_iov into a malloc()'d memory block, refactor
the function so that they can be passed straight through to the
backend hash functions.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c2271cfbfb krb5: Use EVP HMAC() function for HMAC-SHA1
Use the EVP HMAC() function that we use for SHA2 HMACs for SHA1 as
well.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
9a66752926 test_rfc3961: Add performance tests for HMAC-SHA1
Add a selection of performance tests for HMAC-SHA1 to the
RFC3961 library tests.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
8f947638c7 krb5: Use iovecs internally for checksum verification
When verifying checksums, pass iovecs through to the individual
verify routines.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
ca756f0f7f krb5: Use iovecs for internal checksum handling
Modify the signature of the checksum operation in the
krb5_checksum_type structure so that it processes iovecs rather than
solid blocks of data.

Update all of the implementations of these functions for all of the
checksum types that we support so that they process iovecs, either
by iterating through the iovec in each function, or by calling
_krb5_evp_digest_iov or _krb5_evp_hmac_iov()

Update callers of these functions so that they turn their single blocks
of data into a single iovec of the correct type before calling checksum
2018-05-23 09:54:27 -04:00
Simon Wilkinson
3484f092e5 krb5: Add _krb5_evp_hmac_iov
Add a function which will perform an HMAC over a set of iovecs,
using the hcrypto provided HMAC functions.

Join contiguous iovecs together before passing them to the hash
function so we make as few calls into the hash as possible.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
cb632bfdeb krb5: Add _krb5_evp_digest_iov
Add a function which can apply an EVP message digest algorithm over
a set of iovecs to produce a signature.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
eb5eae59a4 krb5: Add _krb5_crypto_iov_should_sign helper function
Add a helper function which contains the knowledge about whether
a particular portion of a krb5_crypto_iovec should be signed or not.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c1eb9828f4 hcrypto: Add HMAC_CTX_new and HMAC_CTX_free
Add a pair of functions which can be used to allocate and free
an HMAC_CTX structure on the heap. This means that the caller doesn't
need to know the size of the underlying structure.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
ae62cc2341 test_rfc3961: Add HMAC tests
Add some HMAC-SHA1 tests using the test vectors in RFC2202
2018-05-23 09:54:27 -04:00
Luke Howard
927185e732 IPC: Solaris doors backend: avoid using TLS where possible
Optimistically delay using thread-local storage for the door reply
buffer until we actually need to allocate from the heap.
2018-05-14 12:14:59 +10:00
Luke Howard
c5db6e691a IPC: Solaris doors backend: fix uninitialized variables
When replying to a door call, if allocating the buffer using malloc()
fails, we return EAGAIN to the client to avoid it hanging, using a
variable on the stack. However in this case the code did not reset the
reply length, which would result in it reading past the end of the stack.
At the expense of a goto, this patch uses the same path for returning an
error as if it was generating by the application.

Also, ensure that reply->length is set to zero when returning an error;
it shouldn't affect the client as it will not read this in the event of
a non-zero return code, but it avoids leaking uninitialized memory.
2018-05-13 21:15:21 +10:00
Luke Howard
defde8be68 IPC: do not use alloca() in Solaris doors backend 2018-05-13 17:50:30 +10:00
Luke Howard
73fde33757 KCM: restore support for Solaris doors IPC mechanism (#379)
This patch restores support for the Solaris doors IPC mechanism, removed
from KCM when lib/ipc was added.
2018-05-13 15:31:13 +10:00
Luke Howard
fef64ade9f IPC: fail gracefully in heim_ipc_cred_get_XXX if cred is NULL (#382) 2018-05-12 14:42:25 +10:00
Luke Howard
0c51e7c6ab IPC: use getpeerucred() API correctly (#382)
The ucred_t argument must be initialized to zero otherwise it is assumed to
point to allocated memory. Also, the logic is inverted: getpeerucred()
returns zero on success, not failure.
2018-05-12 14:40:56 +10:00
Luke Howard
bd2c2eb8bd hcrypto WinCNG backend: zero rgb{Hash,Key}Object on reinit
In the interest of being paranoid, when a WinCNG crypto or digest
context is being reinitialized, zero out the backing store as well
as destroying the handle.
2018-05-12 13:54:15 +10:00
Luke Howard
934d5e09bf hcrypto PKCS#11 backend: Call C_Initialize() on every hcrypto call
This is required as the PKCS#11 library needs to be reinitialized after
forking. This was causing a problem with ipropd.

This fix appears to incur a repeatable 10ms performance penalty on aes-test.

Caching the initialization status using a once control and invalidating it
on fork provided no measurable performance benefit on Solaris 11. Other
approaches would not be thread-safe or would involve more intrusive code
changes, such as exposing heimbase's atomics.
2018-05-12 13:45:30 +10:00
Luke Howard
3224a282a6 hcrypto WinCNG backend: don't leak handles on crypto reinit
Similar fix to a88d0066, but for the WinCNG EVP backend. However this
is just a fix for leaking handles if the same EVP context is used with
a new key; there is no functionality issue as cipherstate is maintained
directly in the EVP context, not internally by WinCNG.
2018-05-11 21:31:34 +10:00
Luke Howard
bd0b6f8c2b hcrypto WinCNG backend: don't leak handles on digest reinit
Similar fix to 9518f296, but for the WinCNG EVP backend.
2018-05-11 21:06:27 +10:00
Luke Howard
9518f2965b hcrypto PKCS#11 backend: don't leak sessions on digest reinit
Clients of the EVP API can reinitialize message digest contexts
without destroying them. The PKCS#11 backend assumed they were
only used once, and was leaking session handles upon reinitialization.
This fix disposes of any existing PKCS#11 message digest context
in the initialization method.
2018-05-11 20:45:10 +10:00
Luke Howard
6a1bb95323 hcrypto PKCS#11 backend: allow digest update with NULL (#378)
In the PKCS#11 backend, add an assertion check to p11_md_update()
to validate that the data length is zero if the data is NULL.
2018-05-11 13:50:38 +10:00
Luke Howard
590be3d7da hcrypto PKCS#11 backend: allow digest update with NULL (#378)
Some callers of EVP_DigestUpdate (such as libntlm) pass NULL as the
data argument. PKCS#11 returns CKR_ARGUMENTS_BAD which may poison
the context. Pass an empty string to C_DigestUpdate work around this.
2018-05-11 13:16:44 +10:00
Luke Howard
a88d00660e Fix PKCS#11 hcrypto backend regression (#314, #315, #316, #317)
81c778e broke the PKCS#11 hcrypto backend broke for many cases as it did
not support cipherstate resetting. (Prior to 81c778e, which was to fix #194,
the PKCS#11 backend did not support cipherstate chaining across invocations.)

hcrypto backends that maintain cipherstate independently of the hcrypto
context IV field need to set EVP_CIPH_ALWAYS_CALL_INIT to avoid the two
diverging. Their init function should support resetting the cipherstate
independently of key scheduling.
2018-05-11 13:11:31 +10:00
Matt Selsky
a2822719e6 Fix typos in setup documentation 2018-04-19 15:54:31 -04:00
Daria Phoebe Brashear
44f90c2025 libedit: makelist should default to awk, but not force it
solaris needs gawk; we should allow the makefile to override awk
with gawk (or whatever else)
2018-04-19 15:52:06 -04:00
Daria Phoebe Brashear
d9425fecdf heim_verbose can't be used mid-stanza in shell commands
Solaris make won't allow @echo in a shell command string as there is no
command called @echo, and it passes the whole shell command to the shell
without poaching off the @ itself first
2018-04-19 13:12:59 -04:00