The call to free_KDCDHKeyInfo(), further down, could have caused heap
corruption.
Found by Coverity (Samba CID 1544611).
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Nowadays we use PACs instead of AD-SIGNEDPATH, so we want a PAC on every
TGT, but we don't necessarily want PACs on cross-realm TGTs.
Specifically, we don't interop well yet with AD when issuing cross-realm
TGTs with AD realms as the destination realm (see #1091).
Bison must generate this unsolicited, but BSD yacc does not.
The makefiles for lib/com_err and lib/sl already did this; this
change just adds it to lib/asn1 and lib/hx509 too.
fix https://github.com/heimdal/heimdal/issues/1100
key_data is unused. Presumably this was copypasta from DB_seq in
hdb/db.c, where it is used for the Heimdal database format in which
the value may be missing a principal but it can be recovered from the
key. In contrast, the mit-krb5 format appears to always store the
principal in the value and _hdb_mdb_value2entry always retrieves it,
with no need for a key2principal fallback.
fix https://github.com/heimdal/heimdal/issues/1102
This way there is no truncation and no build failure due to
-Werror=format-truncation as is the default in some compilers, such
as gcc7.4 with -Wall -Werror.
This is presumably not space-constrained or performance-critical; the
very next thing it does is another asprintf and frees it immediately.
And uname is not usually under any adversary's control.
fix https://github.com/heimdal/heimdal/issues/1105
‘r->error_code’ might have been set earlier, and we don’t want to
overwrite it with a successful error code.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
If ‘r->error_code’ was zero, we would turn it into an ERR_GENERIC error
and return that to the client. Now we return the actual error code
instead.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
There are a few reasons that this function could fail (e.g., failure to
allocate memory) besides random number generation being unavailable. No
other caller abort()s on failure like this.
Furthermore, krb5_generate_random_block(), which is called by
krb5_generate_random_keyblock(), already aborts if random generation
fails.
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
This helps with certain automation tools, such as ansible, that usually
expect failure to be visible in stderr.
Other minor changes:
* replace "doesn't" with "does not" to keep messages consistent and
avoid escaping quotes in grep, etc.
* add newlines
Pretty sure it is not useful for applications to be able to write to
this.
However, caveat: this could break programs that expect to pass around
&heimdal_version or &heimdal_long_version to functions that expect
pointers to non-const objects even if they don't modify them.
