Commit Graph

17578 Commits

Author SHA1 Message Date
Noel Power
965bb515ed PY3: iterkeys -> keys
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from Samba commit d20e85d008e1b7badbea5ada8b22639f7767a097)
2018-12-14 16:39:55 -06:00
Noel Power
f7c2860a36 PY3: dict has no iterkeys method
Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from Samba commit c6884138e4c1aec80e8f99ef0978b43919ae9d3a)
2018-12-14 16:39:55 -06:00
Andrew Bartlett
de4fbc9514 lib/krb5: Do not re-send the AS-REQ if fast was disabled
Without this, in an AS-REQ that has no local key for FAST
we would send the AS-REQ again, which can bump the bad
password count on the KDC twice.

So only try again if FAST was actually tried.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2018-12-14 16:38:43 -06:00
Olly Betts
7ad6c01a8d Fix assorted typos 2018-12-14 17:30:14 -05:00
Quanah Gibson-Mount
8d8920b079 Fixes https://github.com/heimdal/heimdal/issues/376 2018-12-14 16:03:34 -05:00
Rod Widdowson
136f8fb550 Windows: Avoid using deprecated function.
In VC15 GetVersionEx has been deprecated. In order to continue to
support Win2K use the undeprecated VerifyVersionInfoW API
(available since Win2K).

Inline helper functions used in latest Win10 SDK to simplify code.
2018-12-14 06:38:59 -05:00
Benjamin Kaduk
e21866f7a2 GSS unwrap: wipe copy of DES key when done with it
Zero out the DES_cblock structure instead of the (not yet used at this point
in the function) key schedule.  The contents could potentially be left
on the stack in the case of an error return from _gssapi_verify_pad().
2018-12-14 06:18:26 -05:00
CUI Hao (Lab)
0f7fc0fba6 Correct "princial" typos. 2018-10-08 08:46:37 -04:00
Romain Fihue
b0e4fcd257 hdb-mitdb: Commit 57f1545a broke support of REQUIRES_PWCHANGE during MIT DB imports 2018-10-03 20:03:03 -04:00
Benjamin Kaduk
56fe2f8620 Clear DES key (schedule) in unwrap BAD_MIC case
We generally clear out the cryptographic key and key schedule from
local variables before relinquishing control flow, but this case was
missed.  Reported by jhb@FreeBSD.org.
2018-09-22 13:25:00 -04:00
Jeffrey Altman
1feff82129 roken: gettimeofday using GetSystemTimePreciseAsFileTime
GetSystemTimeAsFileTime() has 16ms precision.

GetSystemTimePreciseAsFileTime() has <1ns precision but is only available
on Windows 8 or later.

This change dynamically loads GetSystemTimePreciseAsFileTime() if it is
available.

Change-Id: Ib9c616c01948384e6b256ac9b6023f1e39673613
2018-09-19 00:30:42 -04:00
Simon Wilkinson
07b3e6fd74 Allow zero-length encrypt IOVs in _krb5_evp_encrypt_iov_cts()
The iovec encryption code doesn't handle 0 length iovecs correctly.
Instead of just skipping them, _krb5_evp_encrypt_iov_cts() will spin
on the 0 length iovec.

Modify the _krb5_evp_iov_cursor_expand helper so that iovec expansion
simply skips 0 length iovecs, and make _krb5_evp_iov_cursor_nextcrypt
do the same.

Original bug report and tests from Andrew Bartlett <abartlet@samba.org>
2018-09-18 19:23:31 -04:00
Jeffrey Altman
d570541e3d Update accept_sec_context.c 2018-09-17 18:12:25 -04:00
Markus Moeller
635ac1aa85 Free context in case of error 2018-09-17 18:12:25 -04:00
Markus Moeller
7b4ea9c42f Fix context etype leaks 2018-09-17 18:12:25 -04:00
Günther Deschner
27c6c1e177 s4-heimdal: Fix the format-truncation errors.
../lib/com_err/compile_et.c: In function ‘generate_h’:
../lib/com_err/compile_et.c:138:33: error: ‘%s’ directive output may be truncated writing up to 127 bytes into a region of size 126 [-Werror=format-truncation=]
     snprintf(fn, sizeof(fn), "__%s__", hfn);
                                 ^~     ~~~
../lib/com_err/compile_et.c:138:5: note: ‘snprintf’ output between 5 and 132 bytes into a destination of size 128
     snprintf(fn, sizeof(fn), "__%s__", hfn);
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../lib/com_err/compile_et.c: In function ‘main’:
../lib/com_err/compile_et.c:234:35: error: ‘.h’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
     snprintf(hfn, sizeof(hfn), "%s.h", Basename);
                                   ^~
../lib/com_err/compile_et.c:234:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
     snprintf(hfn, sizeof(hfn), "%s.h", Basename);
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../lib/com_err/compile_et.c:235:35: error: ‘.c’ directive output may be truncated writing 2 bytes into a region of size between 1 and 128 [-Werror=format-truncation=]
     snprintf(cfn, sizeof(cfn), "%s.c", Basename);
                                   ^~
../lib/com_err/compile_et.c:235:5: note: ‘snprintf’ output between 3 and 130 bytes into a destination of size 128
     snprintf(cfn, sizeof(cfn), "%s.c", Basename);
     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13437

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Jun  8 13:23:51 CEST 2018 on sn-devel-144
(cherry picked from Samba commit 7ddbf6035dfec6806536f99d0257245f70661363)
2018-09-10 21:18:39 -04:00
Chris Lamb
7f834b63cc Correct "explicity" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit 45b14b18fe3f01ae8ea22afcd112205b8a4cf9bc)
2018-09-10 14:42:18 -04:00
Chris Lamb
6d4da04566 Correct "existence" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit 5482e5426e09667d26e04dd0c6e0107e46e1028f)
2018-09-10 14:42:18 -04:00
Chris Lamb
946caad7d0 Correct "extention" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit afa9bb4ac55d616fe7816e3830bab5e3a51aed7a)
2018-09-10 14:42:18 -04:00
Chris Lamb
aa119d1792 Correct "doesnt" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
(cherry picked from Samba commit c4feed0b8cb6df71e14a30c07e4b5560368f54cc)
2018-09-10 14:42:18 -04:00
Chris Lamb
276476c595 Correct "updateing" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit fccdf34a0f7ebe510769743a99b9ef2da2a20045)
2018-09-10 14:42:18 -04:00
Chris Lamb
18619449e9 Correct "unavaible" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit 5c20790272456e547afb0ad72fb9284e2f14de30)
2018-09-10 14:42:18 -04:00
Chris Lamb
2f3f88e53a Correct "allignment" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit 8fcc49ecd44e69d7f9ada212c63896e0dcf488a4)
2018-09-10 14:42:18 -04:00
Chris Lamb
9c2351eb25 Correct "paramaters" typos.
Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>

(cherry-picked from Samba commit e0366ea49d5daa8fbf8b2ca22b1d3c77cc2daf9a)
2018-09-10 14:42:18 -04:00
Andrew Bartlett
d99b8acd1c do not dereference NULL pointer modules if we do not have dlopen
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2018-09-10 14:40:51 -04:00
Gary Lockyer
1c8cae58cc heimdal: Use #ifdef HAVE_DLOPEN around functions and variables used by HAVE_DLOPEN
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-10 14:40:51 -04:00
Viktor Dukhovni
492910ec1e Don't lose error status in kadm5_s_init_with_context
If either krb5_parse_name() or _kadm5_acl_init() fail
we could return success and a NULL kadm5_handle.
2018-08-05 14:37:04 -04:00
Jeffrey Altman
0f91fefe42 Update ipropd_slave.c 2018-07-29 19:51:10 -04:00
Daria Phoebe Brashear
ee6f7402ca ipropd_slave: open hdb around kadm5_log_init in case recovery needed
log_init in the event a log is found will do recovery. kadm5_log_replay
will call methods which expect an hdb_db to be set but without this
none is
2018-07-29 19:51:10 -04:00
Jeffrey Altman
1d4ebc0df7 lib/krb5: restore krb5_context_data field ordering to match 7.x
The struct krb5_context_data field can be passed to plugins
which might not be aware of the new structure layout.  To
reduce the risk of data corruption, fields must never be
removed, modified or reordered.  Old unused fields are marked
deprecated and new fields are appended to the end of the structure.

This change moves two fields that were added to master which
are not present in Heimdal 7.x:

fe43be8558 added config_include_depth.

5b39bd7c1d added no_ticket_store.

Change-Id: I28b157e128732324972c99b246a93a828bc077c1
2018-06-08 12:00:38 -04:00
Simon Wilkinson
3046fb914e krb5/crypto: Fix compiler error in new iovec CTS code
Some versions of gcc can't follow the logic in the encryption path
of the _krb5_evp_encrypt_iov_cts code, and believe that it is
possible for the lastpos structure to be used uninitialised.

This isn't actually possible. On entry to the loop, remaining is
guaranteed to be both greater than, and a multiple of blocksize.
In order to exit the loop, remaining must be set to 0. If
cursor.current.length >= remaining, then we set remaining to 0 and
also set lastpos. Otherwise, we calculate the number of whole blocks
in the current iovec, which must be less than remaining, and subtract
that from remaining. Remaining must still be a multiple of and greater
than or equal to blocksize. If remaining == blocksize, we set lastpos,
and set remaining to 0. Otherwise we consume a single block, and go
around again. All of the paths which may set remaining to 0 also
set lastpos, so lastpos must be populated when the loop terminates.

Coverity has a similiar misconception, albeit with ivec2, which is
mistaken for the same reasons.
2018-05-28 08:37:22 -04:00
Simon Wilkinson
f0bc313cef krb5/crypto: Fix a couple of places where return codes weren't
The recent iovec changes introduced a couple of places where return
codes were being incorrectly discarded. Fix them so errors get back
to callers.
2018-05-25 23:46:09 -04:00
Simon Wilkinson
8e301d44b1 krb5: Use iovecs for krb5_decrypt_iov_ivec
When we have an underlying iovec encryption function, use iovecs for
checksum-then-encrypt alogrithms in decrypt_iov_ivec, rather than
coalescing iovecs into a single memory buffer.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
a1c8f029b7 krb5: Add a verify mode for the HMAC_SHA1 checksum
Add a verify operation for this checksum. If a verify operation isn't
defined, then the verify_checksum code has to dynamically allocate and
free a block of memory for the computed checksum, which can be a
significant overhead when performing bulk data encryption.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c611a23d77 krb5: Add EVP iovec encryption routines
Add iovec routines for both padded CBC, and CTS EVP based encryption.

These routines go to great lengths to minimise the number of times
we call EVP_Cipher. With some EVP implementations (such as OpenSSL's
AES-NI) there is a significant entrance and exit overhead from this
routine, due to the use of SIMD vectors for the ivec.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
57f7373583 krb5: Add an optional encrypt_iov function to encryption types
Add a encrypt_iov function pointer to all of our encryption types
which can be used to implement an iovec based encryption routine.

Modify krb5_encrypt_iov so that it calls the iovec based routine
if it is available.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
62a8fc89bc krb5: Use iovec checksum in krb5_encrypt_iov_ivec
Use the iovec checksum routines in krb5_encrypt_iov_ivec. This
still marshalls all of the iovecs together to perform the encryption
operation, but this change halves the amount of time spent on
data marshalling in this function.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c45c0d3c66 krb5: Actually 0 padding
When we decide we need to zero the padding iovec, do so with 0, not
with the length that we've determined.

This had no effect because we zero the padding properly later, but it
should be fixed, so that things still work when the later memset() goes
away.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
550067f6d0 krb5: Expand list of vector types that are hashed
So that we can eventually use iovec hashes with encrypt, as well
as sign operations, add CRYPTO_TYPE_HEADER and CRYPTO_TYPE_PADDING
to the list of iovecs which will be hashed.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
2d84fc65bb hcrypto: Make more buffers persist across HMAC operations
If we don't change MD algorithm across two calls to HMAC_Init_ex
using the same context, don't bother reallocating all of our buffers.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
b9b8e76376 krb5: Stash the HMAC context in the krb5_crypto object
Store the EVP HMAC context in the krb5_crypto object so that we
don't have to allocate it for every hashing operating we perform.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
e50faea7f0 krb5: Store a digest context in the crypto structure
Creating and destroying an EVP_CTX_MD structure with every hash
operation is very expensive. Speed things up by caching one within
the krb5_crypto structure. krb5_crypto can already only be safely
used by one thread at a time - adding a message digest context here
shouldn't introduce any further threading risks.

Users of the stashed context must be careful to ensure that they
call no other hash functions whilst they are in the middle of using
the context.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
fa1e998b53 krb5: Implement krb5_verify_checksum_iov with iovecs
Instead of flattening the iovecs passed into
krb5_verify_checksum_iov, create a new internal verify_checksum_iov
function which passes iovecs down onto the individual ->verify or
->checksum functions.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
152a23f2ce krb5: Reorder checks in _key_schedule
_krb5_find_enctype is a moderately expensive operation, as it
does a linear search of the enctype lists. Avoid calling it
in _key_schedule when we already have a key schedule in place.

This change makes the most common check the first in the function.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
aedc1fd4bd krb5: Use iovecs throughout krb5_create_checksum_iov
Rather than flattening the iovecs supplied to
krb5_create_checksum_iov into a malloc()'d memory block, refactor
the function so that they can be passed straight through to the
backend hash functions.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
c2271cfbfb krb5: Use EVP HMAC() function for HMAC-SHA1
Use the EVP HMAC() function that we use for SHA2 HMACs for SHA1 as
well.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
9a66752926 test_rfc3961: Add performance tests for HMAC-SHA1
Add a selection of performance tests for HMAC-SHA1 to the
RFC3961 library tests.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
8f947638c7 krb5: Use iovecs internally for checksum verification
When verifying checksums, pass iovecs through to the individual
verify routines.
2018-05-23 09:54:27 -04:00
Simon Wilkinson
ca756f0f7f krb5: Use iovecs for internal checksum handling
Modify the signature of the checksum operation in the
krb5_checksum_type structure so that it processes iovecs rather than
solid blocks of data.

Update all of the implementations of these functions for all of the
checksum types that we support so that they process iovecs, either
by iterating through the iovec in each function, or by calling
_krb5_evp_digest_iov or _krb5_evp_hmac_iov()

Update callers of these functions so that they turn their single blocks
of data into a single iovec of the correct type before calling checksum
2018-05-23 09:54:27 -04:00
Simon Wilkinson
3484f092e5 krb5: Add _krb5_evp_hmac_iov
Add a function which will perform an HMAC over a set of iovecs,
using the hcrypto provided HMAC functions.

Join contiguous iovecs together before passing them to the hash
function so we make as few calls into the hash as possible.
2018-05-23 09:54:27 -04:00