oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
31,062 Commits 4 Branches 2 Tags
d2047065bd32bed524d518815ae617a849554bde
Commit Graph

18381 Commits

Author SHA1 Message Date
Nicolas Williams d2047065bd kdc: Fix kinit of principal aliases 2026-01-20 13:48:25 -06:00
Nicolas Williams b02d4d4569 krb5: Add SOCKS4a test 2026-01-20 12:57:01 -06:00
Nicolas Williams 31651f8e61 krb5: Add socksdrawer for testing SOCKS4 2026-01-20 12:57:01 -06:00
Taylor R Campbell c768567929 krb5_set_password: Use target principal for SOCKS4a userid. 
This enables Tor stream isolation.
 2026-01-20 12:57:01 -06:00
Taylor R Campbell 5c5cb66c05 krb5: Set principal as proxy userid when getting creds. 
This enables Tor stream isolation.
 2026-01-20 12:57:01 -06:00
Taylor R Campbell 7321fd71c6 krb5: Default TCP transport to KDC when SOCKS4a proxy is configured. 
Default of UDP transport doesn't work over SOCKS4a anyway, so this
makes configuration with socks4a_proxy easier.
 2026-01-20 12:27:05 -06:00
Taylor R Campbell 3b0d00c743 New option [libdefaults] socks4a_proxy. 
All network traffic to KDC goes through the SOCKS4a proxy if it is
configured.

This is deliberately kept simple -- and is not generalized to SOCKS4
or SOCKS5 or other types of proxies -- so it is easy to audit for
network and DNS leaks.  (SOCKS4 works in IP addresses, and so invites
DNS leaks.  SOCKS5 can be OK, if used judiciously, but takes more
work to implement.)

This only affects krb5_sendto -- the other initiator of network
traffic in libkrb5, krb5_change_password, will be fixed to respect
socks4a_proxy in a subsequent commit.

XXX Need to figure out where the socks4a.c code should go.

fix https://github.com/heimdal/heimdal/issues/1151
 2026-01-20 12:27:05 -06:00
Michael Richardson a0dcf9bffd if a CSR has multiple extRequests, keep only last 
The code already keeps the last entry, but it leaks the previous copies.  @nicowilliams noticed this.
 2026-01-19 00:18:47 -06:00
Nicolas Williams 76db37d833 sanon: Do not acquire creds for GSS_C_NO_NAME 2026-01-18 23:47:40 -06:00
fossdd d233bf84d7 Use <poll.h> insted of <sys/poll.h> 
Acording to POSIX <poll.h> should be used instead of <sys/poll.h>.

Libcs like musl libc added a redict due maintain compat with older
glibcs and added the following warning:

	/usr/include/sys/poll.h:1:2: warning: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Wcpp]
	    1 | #warning redirecting incorrect #include <sys/poll.h> to <poll.h>
	      |  ^~~~~~~

Ref: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/poll.h.html
 2026-01-18 23:27:57 -06:00
Nicolas Williams bbfc116686 gsskrb5: display_name(NO_NAME) should not crash (fix #1288) 2026-01-18 20:48:42 -06:00
Nicolas Williams fa43b2d3c4 asn1: Fix UB in two tests 2026-01-18 19:06:17 -06:00
Nicolas Williams a1dfcc8453 krb5: Constify krb5_kuserok() 2026-01-18 19:06:17 -06:00
Nicolas Williams 10732be94c gss: Constify gss_str_to_oid() 2026-01-18 19:06:17 -06:00
Taylor R Campbell 5589cf96c7 Sprinkle const and rk_UNCONST throughout the tests. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 56a6e7261b kadm5: Sprinkle const and rk_UNCONST for private string not modified. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 5373ab492f ipc: rk_UNCONST for private string not modified. 2026-01-18 19:06:17 -06:00
Taylor R Campbell a9f37d2597 libroken: Make roken_detach_prep take const char *special_arg. 
Requires an internal rk_UNCONST because of annoying execvp type, but
that's better than rk_UNCONST in all the call sites.
 2026-01-18 19:06:17 -06:00
Taylor R Campbell 5fec8989b5 gssapi: Sprinkle const and rk_UNCONST to pacify -Wwrite-strings. 
All for read-only krb5_data or gss_buffer_desc.
 2026-01-18 19:06:17 -06:00
Taylor R Campbell 9c1b2e963b krb5: Sprinkle const and rk_UNCONST to pacify -Wwrite-strings. 
Mostly for read-only iov or krb5_data.
 2026-01-18 19:06:17 -06:00
Taylor R Campbell 29da785a64 kadm5: Note strict aliasing violation. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 0eb423022f hdb: Label unconst abuse for read-only krb5_data. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 82225829a0 gss_preauth: Label unconst abuse with rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell cdd1fb8fc4 gssapi/sanon: Sprinkle const and rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell bbf6150cfd gssapi: Make gss_duplicate_oid{,_set} take gss_const_OID_t. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 04dcda3628 gssapi/spnego: Sprinkle const and rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 137939e0d2 gssapi: Make gss_add_buffer_set_member take gss_const_buffer_t. 
`const gss_buffer_t' was probably meant to be gss_const_buffer_t.

XXX This changes the type of a public symbol -- does thiat require a
version bump?
 2026-01-18 19:06:17 -06:00
Taylor R Campbell 34dc2dda57 gssapi/mech: Sprinkle const and rk_UNCONST. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 80545251a0 gssapi/krb5: Sprinkle some const, but mostly label unconst abuse. 2026-01-18 19:06:17 -06:00
Taylor R Campbell d17fed0c7f krb5/log: Note strict aliasing violation. 2026-01-18 19:06:17 -06:00
Taylor R Campbell c199e31fcd krb5/init_creds_pw.c: Label unconst abuse. 
API is just not type-safe here, bummer.
 2026-01-18 19:06:17 -06:00
Taylor R Campbell 18dcaf1ca7 krb5/get_cred: Sprinkle const and label & comment unconst abuse. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 4cb23c61c7 krb5/fcache: Sprinkle const; note strict aliasing violation. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 7726409b5c krb5/store: Label unconst abuse for read-only krb5_data. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 9907e29baa krb5/pac: Label unconst abuse for iov. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 709d317cc9 heim_openlog: Sprinkle const. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 270e0d819c krb5/deprecated: Nix const abuse. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 7ec6b6220d krb5/crypto: Label unconst abuse for iov. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 6da033336e krb5/context: Sprinkle const and note strict aliasing violation. 2026-01-18 19:06:17 -06:00
Taylor R Campbell 5c694deee9 _krb5_load_plugins: Sprinkle const. 2026-01-18 19:06:16 -06:00
Taylor R Campbell 3cc4861888 heim_load_plugins: Sprinkle const. 2026-01-18 19:06:16 -06:00
Taylor R Campbell 9765e2522b asn1: Mitigate const abuse and omit needless casts. 
There's still an abusive rk_UNCONST in _asn1_encode_open_type, but
that will take more effort to untangle.
 2026-01-18 19:06:16 -06:00
Taylor R Campbell f494333624 base/json: Sprinkle const. 2026-01-18 19:06:16 -06:00
Taylor R Campbell a578088705 heim_data_ref_create: Use rk_UNCONST. 
This API is used for both const and non-const strings, depending on
whether there is a deallocator passed or not, so the C type system
can't distinguish this for us.

XXX Perhaps this should be two separate APIs, one which takes
const-qualified pointers and one which takes non-const-qualified
pointers.
 2026-01-18 19:06:16 -06:00
Taylor R Campbell f6d1dfd60f *.l: Fix old-style function definitions of yywrap. 2026-01-18 19:06:16 -06:00
Taylor R Campbell a1d92fefbc Use rk_UNCONST with putenv("...") to pacify -Wwrite-strings. 2026-01-18 19:06:16 -06:00
Taylor R Campbell 7223924aeb roken/hostent_find_fqdn.c: Fix unnecessary const abuse. 2026-01-18 19:06:16 -06:00
Taylor R Campbell ce43ff7b42 roken/getuserinfo.c: Fix various const abuse. 2026-01-18 19:06:16 -06:00
Nicolas Williams 1a82701a91 osx: Fix warnings/errors 2026-01-18 19:06:16 -06:00
Nicolas Williams 76fbb83e86 hx509: Add a JWT fuzzer 2026-01-18 19:06:16 -06:00