Commit Graph

16991 Commits

Author SHA1 Message Date
Nicolas Williams
7b2107fd2d Fix lib/krb5/test_plugin.c test
The resolver plugin doesn't have a way to say "and stop here", so the
lookup done in lib/krb5/test_plugin.c can produce more results than used
to be expected, and indeed nowadays it does.  The fix is to ensure that
we have the desired results and ignore the others.
2016-04-15 10:27:07 -05:00
Nicolas Williams
f064f2d14b Add seed operation for unix RAND method 2016-04-15 00:16:18 -05:00
Nicolas Williams
2f0c45f784 Add thread-locals for WIN32 2016-04-15 00:16:17 -05:00
Nicolas Williams
490337f4f9 Make OpenSSL an hcrypto backend proper
This adds a new backend for libhcrypto: the OpenSSL backend.

Now libhcrypto has these backends:

 - hcrypto itself (i.e., the algorithms coded in lib/hcrypto)
 - Common Crypto (OS X)
 - PKCS#11 (specifically for Solaris, but not Solaris-specific)
 - Windows CNG (Windows)
 - OpenSSL (generic)

The ./configure --with-openssl=... option no longer disables the use of
hcrypto.  Instead it enables the use of OpenSSL as a (and the default)
backend in libhcrypto.  The libhcrypto framework is now always used.

OpenSSL should no longer be used directly within Heimdal, except in the
OpenSSL hcrypto backend itself, and files where elliptic curve (EC)
crypto is needed.

Because libhcrypto's EC support is incomplete, we can only use OpenSSL
for EC.  Currently that means separating all EC-using code so that it
does not use hcrypto, thus the libhx509/hxtool and PKINIT EC code has
been moved out of the files it used to be in.
2016-04-15 00:16:17 -05:00
Nicolas Williams
9df88205ba Fix double-free in lib/hx509/crypto.c 2016-04-15 00:16:16 -05:00
Nicolas Williams
6bbe7f0ffa Implement EVP_CIPH_CTRL_INIT 2016-04-15 00:16:16 -05:00
Nicolas Williams
8033eb298b lib/hcrypto/evp.c: missing MD guards 2016-04-15 00:16:16 -05:00
Nicolas Williams
5c2a3cb25a Always build hcrypto 2016-04-15 00:16:16 -05:00
Nicolas Williams
0f138cf2d5 Add missing hcrypto rename macros 2016-04-15 00:16:15 -05:00
Nicolas Williams
d494f2f679 hcrypto-pkcs11: fix MD4 block size 2016-04-15 00:16:15 -05:00
Nicolas Williams
0b3055fdad hcrypto-pkcs11: rc2_cbc is variable length 2016-04-15 00:16:15 -05:00
Nicolas Williams
1e6f88f721 Fix hcrypto evp_md cleanup call protocol 2016-04-15 00:16:14 -05:00
Nicolas Williams
d3f9bea491 Fix lib/gssapi/ntlm/crypto.c includes 2016-04-15 00:16:14 -05:00
Nicolas Williams
2d52e52401 Always build lib/sqlite in maintainer mode 2016-04-15 00:16:14 -05:00
Nicolas Williams
9f2642acae Fix lib/base/test_base rwlock test 2016-04-15 00:16:14 -05:00
Nicolas Williams
4b37c27515 Make aes-test.c more useful 2016-04-15 00:16:13 -05:00
Jeffrey Altman
15a2537a79 lib/ntlm: double quote backslash in error tables
The error string

  missing @ or \ in name

must have the backslash double quoted as

  missing @ or \\\\ in name

because of how compile_et parses the input and generates its output.
Otherwise, when compiling the generated ntlm_err.c a warning will
be produced because of invalid quoting of a space.

Change-Id: I994d3eb896098914702e418a0ef5cad783d16a5a
2016-04-13 19:38:34 -05:00
Jeffrey Altman
cc62c1a4ae lib/krb5: fix srv_find_realm invalid gTLD test
In srv_find_realm() the conditional for testing whether an entry
is the invalid gTLD response was inverted.  Refactor the conditional
into a helper function is_invalid_tld_srv_target().  Use the helper
to simplify the conditional making it easier to confirm that the
test is correct.

Change-Id: I3220753b5585ac535862c4617030377c7a1f4bbe
2016-04-13 18:52:55 -05:00
Jeffrey Altman
1007d104fa lib/kadm5: do not prototype imported _krb5_put_int
The function _krb5_put_int() is a private function exported from
lib/krb5.  Its declaration should come from krb5-private.h.  A local
declaration will not result in the proper import qualifiers on
Windows.

See also: e1a244f Make it possible to include krb5_locl.h in kadm5

Change-Id: I53e7aeea9f2f34cab105f2e331f3c6522847ccfe
2016-04-11 16:01:27 -05:00
Nicolas Williams
e1a244f0aa Make it possible to include krb5_locl.h in kadm5
This and ffc525aad1 are the correct fix
rather than f1d73a8e46.  The next commit
reverts f1d73a8 by re-applying ffc525a.
2016-04-11 16:00:12 -05:00
Jeffrey Altman
f1d73a8e46 Revert "lib/kadm5: do not prototype imported _krb5_put_int"
krb5_locl.h cannot be included from within lib/kadm5 in the
current UNIX builds.  Reverting this change which is necessary
to properly build on Windows until an alternate solution is
agreed upon.

This reverts commit ffc525aad1.
2016-04-11 14:40:57 -05:00
Jeffrey Altman
278cd63306 lib/hdb: hdb_method functions !KRB5_LIB_CALL
The hdb_method functions cannot be KRB5_LIB_CALL as lib/hdb is not
lib/krb5.  KRB5_LIB_CALL will be inconsistently defined.

This inconsistency resulted in crashes of test_hdbplugin on 32-bit
Windows.

Change-Id: I4cf8d3ef76f31a3cae923df234a19610d956e7ee
2016-04-11 00:33:42 -05:00
Jeffrey Altman
ffc525aad1 lib/kadm5: do not prototype imported _krb5_put_int
The function _krb5_put_int() is a private function exported from
lib/krb5.  Its declaration should come from krb5-private.h.  A local
declaration will not result in the proper import qualifiers on
Windows.

Change-Id: I53e7aeea9f2f34cab105f2e331f3c6522847ccfe
2016-04-10 19:04:30 -05:00
Jeffrey Altman
924f7b9190 lib/krb5: Windows API:krb5cc ccache fallback
If there is no MSLSA: credential cache principal, then try to
fallback to the MIT default MIT credential cache name, API:krb5cc.

Change-Id: I8f981c5401b4f962cf808e7b0dc782e42bc03023
2016-04-10 17:05:07 -05:00
Jeffrey Altman
1b95a70e4f lib/krb5: krb5_cc_set_default_name Windows MSLSA:
If there is no default credential cache obtained from the registry
or from configuration files, then check to see if there is a valid
principal available from the MSLSA: credential cache.  If so, use
"MSLSA:" as the default credential cache.  This will simply configuration
for users on domain joined Windows machines when logged in using a
domain account.

Change-Id: I4c4392e0fdcec89aff3d258ce1b753e6458e3eec
2016-04-10 17:05:07 -05:00
Jeffrey Altman
338b4a1fba lib/krb5: reformat krb5_cc_set_default_name
Remove unnecessary levels of indentation.

Switch the conditional from "(e == NULL)" to "(p == NULL)" since it
the variable 'p' that is actually used to store the name of the
default credential cache.

Change-Id: Id884e2cd80b42e47d3c219ac3777161087467a14
2016-04-10 17:05:07 -05:00
Jeffrey Altman
eb1545382a lib/krb5: fallback Windows default ccname to HLKM
Windows queries the default ccache name via the registry.  Prior
to this change only the HKEY_CURRENT_USER hive.  Fallback to
HKEY_LOCAL_MACHINE if there is no "ccname" value specified for the
user.  This permits system or domain administrators to set the
default ccache to MSLSA: for all users.

Change-Id: Ide3b51358f8fc6944ca698e4a68295be9463d4e0
2016-04-10 17:05:07 -05:00
Jeffrey Altman
13568961ec krb5: DNS A record fallback test for invalid gTLD
As per
https://www.icann.org/en/system/files/files/name-collision-mitigation-01aug14-en.pdf
prior to a new top-level domain being put into service there is controlled
interuption service which will return explicit responses to DNS A, MX, SRV, and TXT
queries that can be used to detect private namespace collisions.

When performing fallback_get_hosts() check the AF_INET responses to ensure
that they are not the gTLD name collision address 127.0.53.53.  If so, add
an error message to the context and return KRB5_KDC_UNREACH.

Write a warning to the log (if any).

Change-Id: I2578f13948b8327cc3f06542c1e489f02410143a
2016-04-10 17:05:07 -05:00
Jeffrey Altman
4b45355162 krb5: DNS SRV records test for invalid gTLD
As per
https://www.icann.org/en/system/files/files/name-collision-mitigation-01aug14-en.pdf
prior to a new top-level domain being put into service there is a
controlled interuption service which will return explicit responses to DNS
A, MX, SRV, and TXT queries that can be used to detect private namespace collisions.

Modify SRV records lookups to detect the special hostname returned in the
SRV response, skip the response, and record an appropriate error if it is detected.

Write a warning to the log (if any).

Change-Id: I47e049b617e39e49939bc92d513a547de1d04624
2016-04-10 17:05:07 -05:00
Jeffrey Altman
b0e7dc5106 krb5: DNS TXT records test for invalid gTLD
As per
https://www.icann.org/en/system/files/files/name-collision-mitigation-01aug14-en.pdf
prior to a new top-level domain being put into service there is a
controlled interuption service which will return explicit responses to DNS
A, MX, SRV, and TXT queries that can be used to detect private namespace collisions.

Modify the signature of copy_txt_to_realm() to accept a krb5_context so
that meaningful errors can be recorded.

Write a warning to the log (if any).

Change-Id: I51ff8feed4f9d2af8b956bd4ba26e1c4644247c2
2016-04-10 17:05:07 -05:00
Nicolas Williams
c80816f9c3 krb5_context: embed mutex in structure
Instead of allocating a separate mutex object on the heap,
include the HEIMDAL_MUTEX in the krb5_context structure.

Change-Id: If6db484177410487176985e43e3b43e0f2166518
2016-04-10 17:05:07 -05:00
Jeffrey Altman
1dcfceb090 lib/base: add tests for mutex and rwlock
Add a basic set of tests for the HEIMDAL_MUTEX and HEIMDAL_RWLOCK
abstraction using both static and dynamic initialization.

Change-Id: Iaeb16e5dfcf00d29be7eaa4f2e6970c4f1268fb0
2016-04-10 17:05:07 -05:00
Jeffrey Altman
1953b0bd39 krb5: pricipal -> principal
fix the spelling errors

Change-Id: I6769ecc50009c11a296766961c1873f4836f33a7
2016-04-10 17:05:07 -05:00
Jeffrey Altman
0f97855826 hcrypto: config/roken cleanup
All source files in lib/hcrypto should be built the same way.
Since this source directory is dependent on libroken then all source
files must be built using the roken.h declarations and included headers.

Also, there is no config.h in the local directory so angle brackets
include of quotes should be used.

Finally, because roken.h includes stdio.h, stdlib.h, stdarg.h, limits.h,
strings.h, sys/types.h, etc., do not include them separately.

Start all source files with

  #include <config.h>
  #include <roken.h>

Change-Id: I09ab47f8a5472018efe6c8b59a0e51fde8f24724
2016-04-10 17:05:07 -05:00
Nicolas Williams
62f982a87b Comment why no ccache hard-links 2016-03-29 11:47:26 -05:00
Love Hörnquist Åstrand
0cf82c0235 Merge pull request #163 from aaptel/patch-1
lib/gssapi/mech/gss_compare_name.c: fix memcmp() call
2016-03-10 11:25:31 +01:00
aaptel
c868b6ac0b lib/gssapi/mech/gss_compare_name.c: fix memcmp() call
Make memcmp() compare the name1 and name2 value instead of comparing
name1 with itself.

The memcmp() is only executed if the left-hand side of the || is false
i.e. when both length are equal so the length argument is correct (no out-of-bounds reads).
2016-03-10 10:51:58 +01:00
aaptel
08a2d1a320 lib/krb5/pac.c: fix NULL check typo 2016-03-10 10:33:53 +01:00
Nicolas Williams
a114690bde Fix HDB two-phase commit for LDAP backend
We can't replay log entries when recovering if the backend is shared by
writers with separate logs (or no logs at all), i.e., on other hosts.
2016-02-29 22:12:51 -06:00
Nicolas Williams
d5bc673e31 Fix HDB two-phase commit for /dev/null log 2016-02-29 19:13:14 -06:00
Nicolas Williams
2b6bc1a7dc asn1_compile: fix null deref bug 2016-02-29 19:13:13 -06:00
Nicolas Williams
649c4824b0 kadm5: fix leak in set_keys 2016-02-29 19:13:12 -06:00
Nicolas Williams
97425a44a2 hx509/crypto.c: fix invalid pointer deref 2016-02-29 19:13:11 -06:00
Nicolas Williams
1236238cde kadm5/log.c: missing error checking 2016-02-29 19:13:11 -06:00
Nicolas Williams
8394778f92 master: quieten static analyzers 2016-02-29 19:13:11 -06:00
Nicolas Williams
2734102cc7 slave: quieten static analyzer false positives 2016-02-29 19:13:11 -06:00
Nicolas Williams
2415a5ee1d ipropd-slave: missing error check 2016-02-29 19:13:11 -06:00
Nicolas Williams
cfd9d59a15 ipropd-master: missing error check 2016-02-29 19:13:10 -06:00
Nicolas Williams
e625bb6ef6 Remove busted precheck in create_s.c 2016-02-29 19:13:10 -06:00
Nicolas Williams
2b5ddafab5 HDB sqlite backend: fix error NULL deref 2016-02-29 19:13:10 -06:00