Commit Graph

111 Commits

Author SHA1 Message Date
Luke Howard
ed4fe65794 base: change ret fieldname to error_code in request struct 2022-01-20 17:23:24 +11:00
Nicolas Williams
1e634df8a5 base: Context has to be optional in for path tok. exp.
We call path token expansion functions with a NULL context in CCAPI
(lib/krb5/acache.c).  We only need the context for errors.
2022-01-19 23:32:22 -06:00
Nicolas Williams
82e00128a2 base: Context has to be opt. in for error functions
This is needed so that it can be optional for path token expansion,
which has to have the context be optional for ccapi (lib/krb5/acache.c),
which in some cases calls path token expansion functions w/ a NULL
context.
2022-01-19 23:30:55 -06:00
Joseph Sutton
ef059b8831 heimdal:base: Don't perform arithmetic on a NULL pointer
Doing so is undefined behaviour.

Change-Id: Ic57baac0fc5fb06945c0dfbd5d4eb913a12fc13d
Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2022-01-18 00:31:45 -05:00
Nicolas Williams
b9a915c163 base: Fix various coverity warnings 2022-01-17 16:23:36 -06:00
Nicolas Williams
ad4e055831 base: Add r->kv not-null check before using it 2022-01-17 10:58:40 -06:00
Jeffrey Altman
14cb8eef60 lib/base: heim_audit_trail init all fields of 'kvb' before use
Change-Id: I7a3cdb038eb441a394a41c52a488ed98f87dbebd
2022-01-16 15:36:02 -05:00
Jeffrey Altman
f341fa7721 prevent unintended sign extension errors
When an unsigned char is shifted << 24 bits its type will be
promoted to signed 32-bits.   If the value is then assigned to
an unsigned 64-bit value sign extension will occur.

Prevent the unwanted sign extension by explicitly casting the
value to unsigned long before shifting.

Change-Id: Iabeac0f17dc3229a2dc89abe71960a8ffbf523f8
2022-01-16 00:23:05 -05:00
Luke Howard
867457871a krb5: make krb5_pac a heim_object_t
Make krb5_pac a heim_object_t and use heim_retain() (i.e. reference count +1)
as the copy constructor for the type decoration.

Note: this assumes that PACs included in naming attributes are immutable.
2022-01-15 18:54:57 +11:00
Nicolas Williams
ed0fd1263a base: Fix warnings 2022-01-14 12:01:33 -06:00
Nicolas Williams
69b3c5368c base: Context should optional in more error funcs 2022-01-14 12:01:33 -06:00
Luke Howard
2520c30b28 base: harmonize implementation/headers
heim_retain() should both accept and return a heim_object_t; harmonize this
across header and implementation
2022-01-08 17:40:22 +11:00
Luke Howard
97cca6f921 base: use uintptr_t for hash type
Use uintptr_t for hash type; this is consistent with CoreFoundation, which uses
32-bit integers on 32-bit platforms for the hash code, and 64-bit integers on
64-bit platforms. (libheimbase is modelled on CoreFoundation.)

Previously we used unsigned long, which would have the same behavior on
LP32/LP64 systems, but not on Windows (where unsigned long is 32-bits on 64-bit
platforms).
2022-01-06 17:21:06 +11:00
Luke Howard
d90718c9b6 base: set HEIM_JSON_F_NO_DATA_DICT in heim_audit_setkv_object()
Fixes pretty-printing data print to work with heim_audit_setkv_object() as well
as heim_audit_addkv_object().
2022-01-04 06:30:32 +00:00
Luke Howard
503cb27740 base: add heim_data_t support to heim_audit_trail()
Allow heim_audit_trail() to log heim_data_t types.
2022-01-04 17:17:56 +11:00
Luke Howard
2574648308 base: pretty-print heim_data_t when debug logging 2022-01-04 17:10:33 +11:00
Luke Howard
efdd0bda24 base: export heim_audit_addkv_{number,object} 2022-01-04 02:22:23 +00:00
Luke Howard
daf1eacfdb base: cast int64_t to long long
In heim_audit_{add,set}kv_number, cast int64_t to long long/use %lld format
string, to avoid compiler warnings.
2022-01-04 13:12:41 +11:00
Luke Howard
3b7a17e8b1 base: heim_audit_{add,set}kv_number should take int64_t
heim_number_t holds int64_t, not intptr_t; adjust heim_audit_{add,set}kv_number
accordingly. The libkdc wrapper functions were previously updated.
2022-01-04 12:35:57 +11:00
Luke Howard
81708f9f39 base: add heim_audit_addkv_{number,object} 2022-01-04 12:35:55 +11:00
Luke Howard
a8ff420b16 kdc: add attribute dictionary to kdc_request_t
Add a heim_dict_t to the KDC request structure for use by pre-authentication
mechanisms and plugins.
2022-01-04 12:27:43 +11:00
Luke Howard
b27026996a base: s/addkv_{bool,number,object}/setkv
Now heim_audit_addkv() correctly supports multiple values, the other functions
that (by design) replace existing values with a single value should use the
heim_audit_setkv prefix.

A subsequent commit could add variants that support multiple values for
non-string types.
2022-01-04 09:07:10 +11:00
Luke Howard
c8656863ba base: factor out addkv() array promotion logic 2022-01-04 09:07:10 +11:00
Luke Howard
77f33c1fde base: preserve multiple values in heim_audit_vaddkv()
Previously, if heim_audit_vaddkv() was called multiple times, values would be
concatenated; since changing the request kv type to a dictionary, only the most
recently set value was preserved.

Fix this by promoting multi-valued values to an array of values, which is
visualized in the same manner as it was prior to b1dcc1a4.
2022-01-03 16:35:36 +11:00
Luke Howard
2a2a83b712 base: fix string description of array-object type 2022-01-03 16:24:11 +11:00
Luke Howard
44a8cf1747 base: avoid unnecessary allocation of "reason" key
"reason" key is unused, don't allocate it
2022-01-03 16:19:49 +11:00
Nicolas Williams
3f2b1007a3 base: Fix test_base clang-13 build 2022-01-02 21:16:36 -06:00
Luke Howard
e15e711b13 kdc: remove auth_event_details audit key
The auth event details audit key (formerly, parameter to auth_status)
contained, variously, an encryption type name; a PKINIT client certificate
name; or, a GSS initiator name. Audit these instead using individual keys that
reflect the values' contents.
2022-01-02 15:25:52 +11:00
Luke Howard
cc0874d410 kdc: preserve value types in auditing
Preserve integer/boolean audit values as their native types; convert to strings
when logging only. This commit goes some way towards unifying the two auditing
APIs.
2022-01-02 15:25:52 +11:00
Luke Howard
b1dcc1a474 kdc: refactor Samba-specific auditing API in terms of existing API
Make Samba-specific HDB auth status API a wrapper on the existing auditing API,
with a view towards unifying the two APIs in a future commit.

The term "auth status" is replaced with "auth event", and the HDB auth_status
method is replaced with a more general purpose audit method which has access to
the entire request structure.
2022-01-02 15:25:52 +11:00
Luke Howard
32032dec7e base: heimbase-svc.h needs to include heimbase.h
heimbase-svc.h depends on heim_context from heimbase.h. Not all consumers also
remember to import heimbase.h (now that it is included by hdb.h).
2022-01-02 15:25:52 +11:00
Nicolas Williams
5e3c0a7ce0 base: Add ret to common svc req elements
We're logging SUCCESS even when the KDC sends error replies.  That's
because we're returning success to process_request() even when we send
errors to clients.  The error we want to send to the client, and that we
succeed or fail to send it, are different statuses.

To fix this we'll add a `ret` field to the common service request state
structure, HEIM_SVC_REQUEST_DESC_COMMON_ELEMENTS /
heim_svc_req_desc_common_s.
2021-12-27 10:16:58 +11:00
Luke Howard
47282cae34 krb5: import Heimdal-597.121.1 AS/TGS client
Sync with most changes in AS/TGS client from Apple's Heimdal-597.121.1
(opensource.apple.com).

Changes include:

 - FAST support in TGS client
 - Refactored pre-auth client to be more easily extensible
 - Pin KDC host and AD site name in API calls

Note the completely refactored TGS client loop is not imported as that was
considered too intrusive.
2021-12-14 09:03:42 +11:00
Nicolas Williams
63034f36ae base: Fix doxygen comments 2021-11-30 11:42:00 -05:00
Nicolas Williams
5f63215d0d Always perform == or != operation on cmp function result
Although not required to address bad code generation in
some versions of gcc 9 and 10, a coding style that requires
explicit comparison of the result to zero before use is
both clearer and would have avoided the generation of bad
code.

This change converts all use of cmp function usage from

```
    if (strcmp(a, b) || !strcmp(c, d)) ...
```

to

```
    if (strcmp(a, b) != 0 || strcmp(c, d)) == 0
```

for all C library cmp functions and related:

 - strcmp(), strncmp()
 - strcasecmp(), strncasecmp()
 - stricmp(), strnicmp()
 - memcmp()

Change-Id: Ic60c15e1e3a07e4faaf10648eefe3adae2543188
2021-11-24 22:30:44 -05:00
Nicolas Williams
341848a27b base: Fix leak on ENOMEM 2021-10-11 13:58:15 -05:00
Luke Howard
ab3d52e1a2 base: use correct calling convention for log_file()
Use the correct HEIM_CALLCONV calling convention when setting log_file()
callback, otherwise Windows build fails.
2021-08-11 19:09:08 +10:00
Nicolas Williams
e479695c61 base: Make heim_audit_trail() safer when ENOMEM 2020-09-07 22:04:59 -05:00
Nicolas Williams
5e078cdf6e base: Fix logging bug 2020-09-07 22:04:59 -05:00
Nicolas Williams
a649acf540 base: Add debug tracing to plugin code 2020-09-07 22:04:59 -05:00
Nicolas Williams
4772674e57 base: Make *_log_msg() use contextual log dest 2020-09-07 22:04:59 -05:00
Nicolas Williams
e2264e8374 base: Make log facility opaque, ref-counted 2020-09-07 22:04:59 -05:00
Nicolas Williams
7208217410 base: Make log reopen option thread-safe 2020-09-07 22:04:59 -05:00
Nicolas Williams
faee4626fb base: Fix leak in heim_string_create_with_format() 2020-09-07 22:04:59 -05:00
Luke Howard
bb7b4f7a94 base: use atomic load/store in reference counting
Use the new atomic load and store macros for testing and setting reference
count overflow.
2020-07-14 09:35:14 +10:00
Luke Howard
4986ebcb67 base: rename heim_base_atomic_{max,type} to ...integer_{max,type}
Rename heim_base_atomic_max to heim_base_atomic_integer_max (ditto with _type)
in order to better reflect their usage, now we have a separate
heim_base_atomic() macro for making an atomic version of any type.
2020-07-14 09:35:14 +10:00
Luke Howard
9ba00949dd base: add atomic init, load and store macros
Add new macros for atomic initialization, load and store, with ordering
semantics equivalent to <stdatomic.h>
2020-07-14 09:35:14 +10:00
Luke Howard
cbb2ceb018 base: use <stdatomic.h> for atomics, where present
C11 introduces a new set of atomic APIs in <stdatomic.h>. If available, use
those in preference to compiler- or platform-specific intrinsics.
2020-07-14 09:35:14 +10:00
Luke Howard
932605c01e base: heim_base_exchange_{32,64} for platforms without atomics
heim_base_exchange_32() and heim_base_exchange_64() inline functions for
platforms without atomics were missing (these are very inefficient but,
clearly rarely used given the lack of build error reports)
2020-07-14 09:35:14 +10:00
Luke Howard
fcfca367cf base: move atomic macros into separate header
Move the atomic macros into a distinct header, heimbase-atomics.h, in
preparation for the introduction of additional macros
2020-07-14 09:35:14 +10:00