Commit Graph

17769 Commits

Author SHA1 Message Date
Jeffrey Altman
c59dd0b36c lib/hx509: hx509_request_get_san handle strpool on error
_hx509_unparse_utf8_string_name() and
_hx509_unparse_KRB5PrincipalName() can return a strpool even if
they fail.  The strpool must be passed through rk_strpoolcollect()
in order to return the contents to the caller of
hx509_request_get_san().

Change-Id: Ifda5620f4e9e00ca188aa138f692fccc12621ae8
2022-01-16 21:49:34 -05:00
Jeffrey Altman
708d9b4042 hx509_request_get_san can return an output string on failure
Tighten up all of the call sites of hx509_request_get_san()
to free the output string returned upon failure.

Use frees(&s) instead of free(s); s = NULL;.

Change-Id: I71035d7c1d2330a1a3a1b3b730cdd6ba1e6b7da3
2022-01-16 21:49:10 -05:00
Jeffrey Altman
3065730b8a lib/kadm5: find_db_spec do not leak 'info'
If a memory allocation failure occurs 'info' is leaked.

Change-Id: Ie9cfff3f7d63a1af8e053d47d5ff66411916a795
2022-01-16 21:03:00 -05:00
Jeffrey Altman
1247ca977c lib/kadm5: kadm5_ad_init_with_password_ctx free 'ctx'
kadm5_ad_destroy() frees the contents of the kadm5_ad_context
but not the kadm5_ad_context itself.

Change-Id: I70dc1fc0236166ed9725f681dfeb935f449e38cb
2022-01-16 20:09:12 -05:00
Jeffrey Altman
7c01b2af68 lib/kadm5: _kadm5_c_get_cred_cache free 'client'
If the cache principal name cannot be determined free the client
principal created from the input client name.

Change-Id: I75f96ef9f490bd9eb761a900e7a26250f1ac2b9c
2022-01-16 20:01:45 -05:00
Jeffrey Altman
f466b43975 lib/krb5: fallback_get_hosts free addrinfo if gTLD collision or error
If getaddrinfo() succeeds and returns the gTLD name collision
address the result is ignored but the allocated addrinfo was not
freed.

If allocation of the krb5_krbhst_info structure fails the addrinfo
would also be leaked.

Change-Id: I94111e081cba9548f57ad7b7e7cbea3faab7502c
2022-01-16 19:50:40 -05:00
Jeffrey Altman
9c27eaa079 lib/krb5: krb5_rc_store always fclose(f)
Change-Id: Ibc4864e97e6ada0ef09b0610669eabb1a52f896e
2022-01-16 19:37:44 -05:00
Jeffrey Altman
0a088b9b61 lib/krb5: make_pa_tgs_req do not pass ptr to in param to allocator
_krb5_mk_req_internal() accepts a (krb5_auth_context *) because
it can allocate and return a krb5_auth_context to the caller.
mkae_pa_tgs_req() should never be called with a non-NULL
krb5_auth_context but to avoid confusion, alter the signature
to accept a (krb5_auth_context *) instead of (krb5_auth_context)
so _krb5_mk_req_internal() is not called with a pointer to an
input parameter.

Change-Id: I6c2293529766eb06a9eebf41715533d8195b1f72
2022-01-16 19:31:34 -05:00
Jeffrey Altman
5838fcaa61 lib/krb5: build_logon_name use common 'out' do not leak 's2'
CHECK(ret, func(), label) jumps to the label if the function
returns non-zero.  As a result it bypasses the free(s2) call.
Use the common out label to free(s2).

Change-Id: I9a79df669e6407a82991f4a849fc16a0afaae561
2022-01-16 19:13:26 -05:00
Jeffrey Altman
6be242d46e lib/krb5: _krb5_pk_set_user_id free 'str' not 'name'
if der_print_hex_heim_integer() failed the wrong variable
would be freed.

Change-Id: I706c910423bd1f79fa7ce41af78c2f5bca24dfa5
2022-01-16 19:05:06 -05:00
Luke Howard
15f37ce09b krb5: fix hx509_free_error_string() usage
Fix build error in 7fb4698a: hx509_free_error_string() does not take a context
argument.

Change-Id: Ib24713d2425f53eb69fc9ebfc7cc1af3272b6271
2022-01-17 10:24:44 +11:00
Jeffrey Altman
800515b033 lib/krb5: akf_add_entry do not leak 'fd'
5be5faa722
("Use all DES keys, not just des-cbc-md5, verify that they all are the same.")
introduced a common out but missed a code path.

Change-Id: I27c1913c8cf87600ae34c42874bfc9d49ae1d22e
2022-01-16 18:08:50 -05:00
Luke Howard
7432589757 krb5: zeros is static, does not need explicit initializer 2022-01-17 10:05:59 +11:00
Luke Howard
ab042dca36 gss_preauth: use memset rather than {0} to initialize cb 2022-01-17 10:05:59 +11:00
Jeffrey Altman
7fb4698aa3 lib/krb5: gen_priv_key do not leak error string
hx509_get_error_string() returns an allocated string that must
be freed with hx509_free_error_string().

Change-Id: Ib24713d2425f53eb69fc9ebfc7cc1af3272b6271
2022-01-16 17:48:13 -05:00
Jeffrey Altman
c844a1c62b lib/krb5: load_priv_key do not leak error string
hx509_get_error_string() returns an allocated string that must
be freed with hx509_free_error_string().

Change-Id: I58d160ce1b09c48b587e8adce74277f6da469ceb
2022-01-16 17:45:21 -05:00
Jeffrey Altman
c8956523a1 lib/krb5: scc_alloc do not leak 'freeme'
Introduce a common 'out' label to avoid leaking 'freeme'.

Change-Id: I8d58efc75125ee553b462372ad160394013f9a3a
2022-01-16 17:36:17 -05:00
Jeffrey Altman
5667e80742 lib/krb5: fkt_remove_entry do not leak 'emsg'
7ae2dfd853
("krb5: Fix error msg when removing keytab entries") allocated
'emsg' to prevent the leak but then forgot to use it in place
of the original krb5_get_error_message() call.

Change-Id: I0b5acdab54d75399be970837a421740f2ad7d73b
2022-01-16 17:12:34 -05:00
Jeffrey Altman
43592b2e78 lib/krb5: pa_gss_step do not leak 'from' if unparse cname fails
Change-Id: I9edcaab26b5197265dabc5feae0f83fd1c60686c
2022-01-16 17:07:05 -05:00
Jeffrey Altman
8eaecdaa59 lib/krb5: srv_find_realm do not leak 'r' if unreachable
Change-Id: I6e16676c9cb820d6a25820523608cb9854fa2ce4
2022-01-16 17:04:04 -05:00
Jeffrey Altman
e8ccb2b86b lib/kadm5: send_diffs() init 'ver'
warning: ‘ver’ may be used uninitialized in this function [-Wmaybe-uninitialized]

'ver' can be uninitialized if get_right() fails.

Change-Id: If6019cc3c491b8be321ff3e08f3d27292f0f1f95
2022-01-16 15:54:53 -05:00
Jeffrey Altman
c822b9bc96 gssapi/krb5: _gsskrb5_inquire_name init 'major'
If no attributes are indicated 'major' is unset.  Default to
GSS_S_UNAVAILABLE.

Change-Id: I277ebdebab0fb0322b702638c57548d1f4c4be3d
2022-01-16 15:54:47 -05:00
Jeffrey Altman
085cf47738 lib/krb5: get_cred_kdc use memset to initialize 'rep'
Change-Id: Icc211f165c7aff1b0268b4c6df12eb976df2f8bd
warning: missing braces around initializer [-Wmissing-braces]
warning: (near initialization for 'rep.kdc_rep') [-Wmissing-braces]
warning: missing initializer for field 'enc_part' of 'krb5_kdc_rep' [-Wmissing-field-initializers]
2022-01-16 15:39:11 -05:00
Jeffrey Altman
14cb8eef60 lib/base: heim_audit_trail init all fields of 'kvb' before use
Change-Id: I7a3cdb038eb441a394a41c52a488ed98f87dbebd
2022-01-16 15:36:02 -05:00
Jeffrey Altman
7ae24732c7 clang-format generated hdb, spnego and krb5 asn1.c files
Alphabetically sorted the $(spnego_files), $(gssapi_files), and $(gen_files_hdb)
lists.

Added rules to execute clang-format when available on the included files.

Change-Id: If3cde862f3237bc7cd100bc82d4fbbf568f1a354
2022-01-16 15:11:22 -05:00
Nicolas Williams
bb791ee52c hcrypto: dlclose(dso) at ENGINE finish time 2022-01-16 14:08:22 -06:00
Nicolas Williams
febdcd4cbd cf: Make clang-format style common makefile macro 2022-01-16 14:07:03 -06:00
Nicolas Williams
940aea6653 gss: clang-format ASN.1 compiler outputs 2022-01-16 14:07:03 -06:00
Nicolas Williams
2065d02aaf hdb: clang-format ASN.1 compiler outputs 2022-01-16 14:07:03 -06:00
Nicolas Williams
fcfd380d15 asn1: Better clang-format / makefile pattern 2022-01-16 13:41:37 -06:00
Jeffrey Altman
32e1604e76 lib/ipc: heim_sipc_stream_listener 'ct' lifecycle
return failure if calloc() fails

do not leak 'ct' if called with invalid 'type'

Change-Id: I384f80a51c6ec1d0980cce645c41ff3f6006fd3e
2022-01-16 00:56:16 -05:00
Jeffrey Altman
041f6d5c7c lib\krb5: krb5_parse_address out of order parameters
fix the order of parameters passed to krb5_eai_to_heim_errno

Change-Id: I31271283f3f31fcb0345dd766bc511825ddd362d
2022-01-16 00:51:22 -05:00
Jeffrey Altman
363bc7d983 handle negative return values
do not pass negative values to malloc

do not pass negative values to strerror

do not pass negative values to ftruncate

do not pass negative values to fclose

Change-Id: I79ebef4e22edd14343ebeebb2ef8308785064fe8
2022-01-16 00:48:09 -05:00
Jeffrey Altman
f341fa7721 prevent unintended sign extension errors
When an unsigned char is shifted << 24 bits its type will be
promoted to signed 32-bits.   If the value is then assigned to
an unsigned 64-bit value sign extension will occur.

Prevent the unwanted sign extension by explicitly casting the
value to unsigned long before shifting.

Change-Id: Iabeac0f17dc3229a2dc89abe71960a8ffbf523f8
2022-01-16 00:23:05 -05:00
Jeffrey Altman
3707c52ea7 lib/hcrypto: ENGINE_by_dso do not leak handle
Must dlclose(handle) before returning even if 'engine' is
returned to caller.

Change-Id: I169044a768934e9b7774a323fe6c855fd07a09e4
2022-01-16 00:05:07 -05:00
Jeffrey Altman
19eae8b4a9 lib/hcrypto: BN_set_word return false if input 'bn' is NULL
If the input 'bn' is NULL then BN_bin2bn() will allocate and
return a BIGNUM which will then be leaked.   BN_set_word()
would then return true even though it didn't set the word
into a BIGNUM known to the caller.

Change-Id: I6681f548e6bfb330cec009ae7c18e6151016179e
2022-01-15 23:17:26 -05:00
Jeffrey Altman
2660580507 lib/otp: opt_md_init do not leak ctx if malloc fails
Change-Id: I21d7d50e11430bea18832854d817405b761c254c
2022-01-15 22:49:56 -05:00
Jeffrey Altman
fe76d53316 lib/asn1: pass correct size to mergesort_r
introduced by df3e08485b
("asn1: Add support for decoration w/ external types")

Change-Id: I6cd8b56766e4aabddb9c523cd3b4fe203d988afe
2022-01-15 22:45:59 -05:00
Nicolas Williams
a31db2af0d asn1: Allow CHOICEs to be decorated too
Prior to this commit only those C structs for SET and SEQUENCE types
could be decorated.  Now those for CHOICE types also can be decorated.

We could further extend this to SET OF and SEQUENCE OF types if it
proves useful.
2022-01-15 21:09:12 -06:00
Jeffrey Altman
1685c34b0d remove (krb5_enctype) cast for ETYPE_xxx
Now that ETYPE_xxx names are macros to the KRB5_ENCTYPE_xxx
symbols there is no longer a need to cast to (krb5_enctype).

Change-Id: Ib561f6e45346abac7a53eb1db0bfef60ee3bcb74
2022-01-15 22:05:50 -05:00
Jeffrey Altman
90e51a3d18 krb5.h: do not use anonymous enum for alternate E[NC]TYPE names
Use of an anonymous enum for ETYPE_xxx and ENCTYPE_xxx alternative
names results in loss of the original KRB5_ENCTYPE_xxx type.
Use CPP macros instead.

Change-Id: I84620aabd672db1d2cd0ff7a65f3ae8b34c0c684
2022-01-15 22:05:50 -05:00
Jeffrey Altman
7145a8e908 gssapi/mech: mech_locl.h roken.h must be included earlier
If included roken.h should be immediately following config.h.
Doing so ensures that all platform specific headers are
included in the proper order and avoids unnecessary includes
of headers managed by roken.h.

Change-Id: I27f11b42300b6ebcfbcc8d2c53915e96b6eec1d9
2022-01-15 21:24:10 -05:00
Luke Howard
867457871a krb5: make krb5_pac a heim_object_t
Make krb5_pac a heim_object_t and use heim_retain() (i.e. reference count +1)
as the copy constructor for the type decoration.

Note: this assumes that PACs included in naming attributes are immutable.
2022-01-15 18:54:57 +11:00
Luke Howard
5a952ee7b5 krb5: decorate PrincipalNameAttrs with krb5_pac
Add krb5_pac to PrincipalNameAttrs to avoid needing to re-parse it each time
gss_get_name_attribute() is called.
2022-01-15 18:54:57 +11:00
Luke Howard
0e8c4ccc6e hdb: eliminate hdb_entry_ex
Remove hdb_entry_ex and revert to the original design of hdb_entry (except with
an additional context member in hdb_entry which is managed by the free_entry
method in HDB).
2022-01-15 18:54:57 +11:00
Luke Howard
c5551775e2 hdb: decorate HDB_entry with context member
Decorate HDB_entry with context and move free_entry callback into HDB structure
itself. Requires updating hdb_free_entry() signature to include HDB parameter.
A follow-up commit will consolidate hdb_entry_ex (which has a single hdb_entry
member) into hdb_entry.
2022-01-15 18:54:57 +11:00
Jeffrey Altman
923067e099 lib/kadm5: kadm_connect do not close 's' more than once
If 's' is closed before exiting, it must be set to rk_INVALID_SOCKET.

Change-Id: I63caf992aa3a6b2c86c918a660025fc054d396d6
2022-01-14 23:21:16 -05:00
Nicolas Williams
a4e6c33780 asn1: Fix double-free in asn1parse.y 2022-01-14 22:16:50 -06:00
Jeffrey Altman
9f3004bfd5 gssapi/krb5: _gsskrb5_export_sec_context copy/paste error
80f3194a76
("gssapi/krb5/{export,import}_sec_context: make smaller tokens.")
stored the source principal when it should have stored the target
principal.

Change-Id: Ife6b137f9fe8f63cdb78b4212f74d502080ec2a2
2022-01-14 23:01:30 -05:00
Luke Howard
4891d713fb bn_s_mp_rand_platform.c: s_read_urandom: correctly handle split read
s_read_urandom has a while loop to handle read() that returns less
than the full buffer (either due to EINTR or because more than the
atomic guarantee from urandom was requested). However, the target
of the read was always the base pointer p instead of the updated
pointer q, so in the end less than the requested randomness is returned.

Use q instead of p in the read() call.

Upstream pull request:
https://github.com/libtom/libtommath/pull/512

Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2022-01-15 13:38:18 +11:00