Commit Graph

16369 Commits

Author SHA1 Message Date
Roland C. Dowdeswell
2656659fc2 Fix a typo in a comment. 2012-05-21 17:12:16 +01:00
Roland C. Dowdeswell
ac18aa10dc Eliminate unused variable warning. 2012-05-21 13:33:42 +01:00
Nicolas Williams
a3947acb38 Fix segfault in MIT dump entry parsing code 2012-05-19 21:57:53 -05:00
Roland C. Dowdeswell
21b7863935 kadm5_s_get_principals() is a read only operation, so open the HDB in r/o mode. 2012-05-18 17:13:30 +01:00
Roland C. Dowdeswell
fde1d8cb72 Fix locking issues in DB3 HDB backend.
Multiple concurrent writers would cause the HDB to become corrupted
as the locking was not sufficient to prevent these sorts of issues
from occurring.  We fix this in a similar way to the prior DB1 patch.
2012-05-18 13:03:23 +01:00
Roland C. Dowdeswell
1f63d6e4dc Fix locking issues in DB1 HDB backend.
Multiple concurrent writers would cause the HDB to become corrupted
as the locking was not sufficient to prevent these sorts of issues
from occurring.  We have changed the locking to obtain the appropriate
kind of lock on database open and to hold that lock until the
database closes.  We need to do this as Berkeley DB 1.85 will cache
information from the database in memory and if if this information
is updated without our knowledge then our later writes will corrupt
the database.  We speculate that there would be issues with a single
writer and reader but did not reproduce them.
2012-05-18 12:39:08 +01:00
Marco Molteni
894008ab82 Add doxygen and source comments to some functions of the krb5 API
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-05-09 08:15:42 +02:00
Nicolas Williams
57f1545a46 Add support for writing to KDB and dumping HDB to MIT KDB dump format
Before this change Heimdal could read KDBs.  Now it can write to
    them too.

    Heimdal can now also dump HDBs (including KDBs) in MIT format, which
    can then be imported with kdb5_util load.

    This is intended to help in migrations from MIT to Heimdal by
    allowing migrations from Heimdal to MIT so that it is possible
    to rollback from Heimdal to MIT should there be any issues.  The
    idea is to allow a) running Heimdal kdc/kadmind with a KDB, or
    b) running Heimdal with an HDB converted from a KDB and then
    rollback by dumping the HDB and loading a KDB.

    Note that not all TL data types are supported, only two: last
    password change and modify-by.  This is the minimum necessary.
    PKINIT users may need to add support for KRB5_TL_USER_CERTIFICATE,
    and for databases with K/M history we may need to add KRB5_TL_MKVNO
    support.

    Support for additional TL data types can be added in
    lib/hdb/hdb-mitdb.c:_hdb_mdb_value2entry() and
    lib/hdb/print.c:entry2mit_string_int().
2012-05-03 14:24:18 -05:00
Roland C. Dowdeswell
2c5ec44d39 Look for auth_to_local in the default realm's realm section...
...rather than the authenticated principal's realm section.  We do
this both to maintain compatibility with MIT and because it makes
more sense.  We should likely also fix the auth_to_local_names as
cursory inspection reveals that it has the same incompatibility.
2012-04-19 23:43:12 +01:00
Jeffrey Altman
9be792055c generated files must #include config if supported
The source files generated by compile_et and asn1-compile must
begin with:

  #ifdef HAVE_CONFIG_H
  #include <config.h>
  #endif

This permits conditional includes based on HAVE_STDINT_H and
HAVE_UNISTD_H to work.

Change-Id: Iefe25317ac3cb1970793748b8318174bcd7a087f
2012-04-10 17:17:33 -04:00
Jeffrey Altman
8e2762f907 Fix Windows build of mcache.c
Commit c04aa9e082 specified the
mutex type, pthread_mutex_t, directly instead of using the
abstraction, HEIMDAL_MUTEX.

Change-Id: Iedfc46163140cf23014d357cc8ccc9f0e6224327
2012-04-10 15:41:23 -04:00
Love Hörnquist Åstrand
c04aa9e082 more mutex locking from Jaudeep Padhye 2012-04-05 23:10:33 -07:00
Samuel Thibault
fbf44ea51d Fix compilation of kafs on Hurd.
kafs now defines two ioctls, define the GNU _IOT constants.

This was originally submitted to the Debian Heimdal package:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=483281

Signed-Off-By: Jelmer Vernooij <jelmer@debian.org>

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
2012-04-05 22:55:01 -07:00
Russ Allbery
39460d0045 Remove duplicate __gss_krb5_mechanism_oid_desc definition
__gss_krb5_mechanism_oid_desc is now defined in gssapi/gssapi_oid.h,
so remove the definition in gssapi/gssapi_krb5.h in favor of including
that header.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
2012-04-05 22:55:01 -07:00
Roland C. Dowdeswell
67d9094665 Allow hxtool to process multiple --pk-init-principal args. 2012-04-05 20:20:19 +01:00
Viktor Dukhovni
eee3333b76 Handle multiple SANs correctly in KDC pkinit certs
Signed-off-by: Roland C. Dowdeswell <elric@imrryr.org>
2012-04-05 20:20:00 +01:00
Simon Wilkinson
10133ece1a hcrypto: Use correct size for memset in md2
md2.c was doing memset(m, 0, sizeof(m)), and so was only clearing
the first 4 bytes of the passed md2 structure in MD2_Final. Fix
this to clear the entire structure, as expected.
2012-03-31 19:06:59 -04:00
Nicolas Williams
ef9012aef5 Fix ipropd-slave assert when doing del_enctype
Change a paranoid heim_assert into something better.  Update block
    comment.

    Next commit: add a test for del_enctype and iprop.
2012-03-15 18:57:32 -05:00
Nicolas Williams
3f86831c6c Fix earlier fix for not passing forwardable and friends in TGS-REQs 2012-03-14 23:45:31 -05:00
Jeffrey Altman
8257cc2232 Plugin functions should be KRB5_LIB_CALL
Plugin functions should be KRB5_LIB_CALL for speed on Windows.

Change-Id: Iaa4dcf73fd2e29e3f95feede5217eac4eaded4e2
2012-03-13 23:56:11 -04:00
Jeffrey Altman
cb6f7ea40e do not include stdint.h unprotected
In most cases stdint.h should be inherited from roken.h.
In those cases where it cannot be, it must be protected by
  #ifdef HAVE_STDINT_H

Change-Id: I46cbaeab1d65939468f84179aeeef7e4f898b0bb
2012-03-13 23:54:27 -04:00
Love Hörnquist Åstrand
25e533421a wrap SOL_SOCKET, SO_PEERCRED in ifdef __linux__ 2012-03-11 10:18:43 -07:00
Love Hörnquist Åstrand
faf39cf6ce wrap __weak_alias with _LIBC 2012-03-11 10:13:47 -07:00
Love Hörnquist Åstrand
979de1dfd0 wrap __weak_alias with _LIBC 2012-03-11 10:13:42 -07:00
Love Hörnquist Åstrand
472141be03 log each error message that is on a very high debug level 2012-03-10 10:23:57 -08:00
Love Hörnquist Åstrand
7b411b3993 fixup logic for prompting for password 2012-03-10 09:59:34 -08:00
Roland C. Dowdeswell
92b243a638 We must unlock before close. 2012-03-07 11:17:26 +00:00
Love Hörnquist Åstrand
a20fe9b0ad assert refcount != 0 2012-03-06 19:50:15 -08:00
Roland C. Dowdeswell
0c0a4ff071 Add require-pwchange flag to HDB and honour it if present in mit-db:.
Also remove +requires_pwchange on passwd changes.
2012-03-06 11:39:20 +00:00
Roland C. Dowdeswell
6de861263a Provide support for enctype aliases for ease of use.
This should be compatible with MIT krb5 at least from my memory.
2012-03-06 09:34:43 +00:00
Love Hörnquist Åstrand
4d749f20e6 make header rebuilding work with automake 2012-02-29 22:03:00 -08:00
Love Hörnquist Åstrand
25fc1a6464 rebuild krb5-protos.h and krb5-private.h if in maintainer-mode 2012-02-29 21:56:07 -08:00
Love Hörnquist Åstrand
65987846fd make bind principal a common function 2012-02-28 00:03:20 -08:00
Roland C. Dowdeswell
5b2d65fa2b We need to remove +requires_pwchange on passwd changes. 2012-02-27 11:04:24 +00:00
Roland C. Dowdeswell
0da84c0c3a Add require-pwchange flag to HDB and honour it if present in mit-db:. 2012-02-27 10:19:54 +00:00
Roland C. Dowdeswell
91f2de8d1a Remove libedit's aclocal.m4 and ltmain.sh as they are generated. 2012-02-25 20:33:52 +00:00
Roland C. Dowdeswell
932c4c1859 We use a struct defined in sys/un.h. 2012-02-25 17:19:44 +00:00
Roland C. Dowdeswell
12b24ad876 Add a server side implementation of kadm5_create_principal_3(). 2012-02-24 18:56:30 +00:00
Roland C. Dowdeswell
800a4e5c94 We're free(3)ing the wrong ptr, here. 2012-02-24 18:56:29 +00:00
Roland C. Dowdeswell
1017d42b18 We honour settings to specify the location of the KDB and stash file. 2012-02-24 18:56:25 +00:00
Roland C. Dowdeswell
e8779d5d4a Add -Wshadow and deal with the warnings. 2012-02-21 11:17:55 +00:00
Roland C. Dowdeswell
cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues.
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
2012-02-20 19:45:41 +00:00
Nicolas Williams
8ce8cb509a Fix a compiler warning in lib/roken/snprintf.c on 32-bit Ubuntu 2012-02-16 18:47:58 -06:00
Nicolas Williams
f13924f267 Fix TGS client to request renewable/forwardable/proxiable if possible
This is necessary because some applications actually need or run
    better with renewable service tickets.  kca is an example
    application; AFS tokens are also another example.
2012-02-16 18:47:58 -06:00
Love Hörnquist Åstrand
a802c4799d Log client status changes 2012-02-15 21:05:05 -08:00
Love Hörnquist Åstrand
bf37778dbd make ipropd_slave tell its status in a status file
The ipropd_slave will log its status to /var/heimdal/ipropd-slave-status
if its connecting, up to date, or disconnected.

The master will now also confirm to slaves that are are in fact up to date
if they just restart, before there was no confirmation, the slave just didn't
get any deltas.
2012-02-15 20:59:54 -08:00
Roland C. Dowdeswell
0e92c9abd2 Take care of a compiler warning. 2012-02-15 10:58:00 +00:00
Roland C. Dowdeswell
88d3a31c17 make check fails if USER environment variable unset.
getxxyyy.c uses the USER environment variable to determine a user
to test getpwnam_r().  If this variable is unset then the test will
seg fault.  We work around this issue by defaulting to ``root'' if
USER is not set.  This is not perfect as root may not exist on the
system but given that user does exist on most systems, this is the
best default that we can choose if we have no other options available.
2012-02-14 09:30:05 +00:00
Nicolas Williams
f4ba41ebdd Pluggable libheimbase interface for DBs and misc libheimbase enhancements
[Code reviewed by Love Hörnquist Åstrand <lha@kth.se>]

    Added heim_db_*() entry points for dealing with databases, and
    make krb5_aname_to_localname() use it.

    The following enhancements to libheimbase are included:

     - Add heim_data_t and heim_string_t "reference" variants to
       avoid memory copies of potentially large data/strings.

       See heim_data_ref_create() and heim_string_ref_create().

     - Added enhancements to heim_array_t to allow their use for
       queues and stacks, and to improve performance.  See
       heim_array_insert_value().

     - Added XPath-like accessors for heim_object_t.  See
       heim_path_get(), heim_path_copy(), heim_path_create(), and
       heim_path_delete().  These are used extensively in the DB
       framework's generic composition of ACID support and in the
       test_base program

     - Made libheimbase more consistent with Core Foundation naming
       conventions.  See heim_{dict, array}_{get, copy}_value() and
       heim_path_{get, copy}().

     - Added functionality to and fixed bugs in base/json.c:
        - heim_serialize();
        - depth limit for JSON parsing (for DoS protection);
        - pretty-printing;
        - JSON compliance (see below);
        - flag options for parsing and serializing; these are needed
          because of impedance mismatches between heim_object_t and
          JSON (e.g., heim_dict_t allows non-string keys, but JSON
          does not; heimbase supports binary data, while JSON does
          not).

     - Added heim_error_enomem().

     - Enhanced the test_base program to test new functionality and
       to use heim_path*() to better test JSON encoding.  This
       includes some fuzz testing of JSON parsing, and running the
       test under valgrind.

     - Started to add doxygen documentation for libheimbase (but doc
       build for libheimbase is still incomplete).

    Note that there's still some incomplete JSON support:

     - JSON string quoting is not fully implemented;

     - libheimbase lacks support for real numbers, while JSON has
       it -- otherwise libheimbase is a superset of JSON,
       specifically in that any heim_object_t can be a key for an
       associative array.

    The following DB backends are supported natively:

     - "sorted-text", a binary search of sorted (in C locale), flat
       text files;

     - "json", a backend that stores DB contents serialized as JSON
       (this is intended for configuration-like contents).

    The DB framework supports:

     - multiple key/value tables per-DB
     - ACID transactions

    The DB framework also natively implements ACID transactions for
    any DB backends that a) do not provide transactions natively, b)
    do provide lock/unlock/sync methods (even on Windows).  This
    includes autocommit of DB updates outside transactions.

    Future DB enhancements may include:

     - add backends for various DB types (BDB, CDB, MDB, ...);

     - make libhdb use heim_db_t;

     - add a command-line tool for interfacing to databases via
       libheimbase (e.g., to get/set/delete values, create/copy/
       backup DBs, inspect history, check integrity);

     - framework-level transaction logging (with redo and undo
       logging), for generic incremental replication;

     - framework-level DB integrity checking.

       We could store a MAC of the XOR of a hash function applied to
       {key, value} for every entry in the DB, then use this to check
       DB integrity incrementally during incremental replication, as
       well as for the whole DB.
2012-02-05 16:26:32 -06:00
Nicolas Williams
9323ca9341 Fix krb5_kuserok() ~/.k5login check for luser==root 2012-01-18 23:24:22 -06:00