Commit Graph

27071 Commits

Author SHA1 Message Date
Nicolas Williams
f4ba41ebdd Pluggable libheimbase interface for DBs and misc libheimbase enhancements
[Code reviewed by Love Hörnquist Åstrand <lha@kth.se>]

    Added heim_db_*() entry points for dealing with databases, and
    make krb5_aname_to_localname() use it.

    The following enhancements to libheimbase are included:

     - Add heim_data_t and heim_string_t "reference" variants to
       avoid memory copies of potentially large data/strings.

       See heim_data_ref_create() and heim_string_ref_create().

     - Added enhancements to heim_array_t to allow their use for
       queues and stacks, and to improve performance.  See
       heim_array_insert_value().

     - Added XPath-like accessors for heim_object_t.  See
       heim_path_get(), heim_path_copy(), heim_path_create(), and
       heim_path_delete().  These are used extensively in the DB
       framework's generic composition of ACID support and in the
       test_base program

     - Made libheimbase more consistent with Core Foundation naming
       conventions.  See heim_{dict, array}_{get, copy}_value() and
       heim_path_{get, copy}().

     - Added functionality to and fixed bugs in base/json.c:
        - heim_serialize();
        - depth limit for JSON parsing (for DoS protection);
        - pretty-printing;
        - JSON compliance (see below);
        - flag options for parsing and serializing; these are needed
          because of impedance mismatches between heim_object_t and
          JSON (e.g., heim_dict_t allows non-string keys, but JSON
          does not; heimbase supports binary data, while JSON does
          not).

     - Added heim_error_enomem().

     - Enhanced the test_base program to test new functionality and
       to use heim_path*() to better test JSON encoding.  This
       includes some fuzz testing of JSON parsing, and running the
       test under valgrind.

     - Started to add doxygen documentation for libheimbase (but doc
       build for libheimbase is still incomplete).

    Note that there's still some incomplete JSON support:

     - JSON string quoting is not fully implemented;

     - libheimbase lacks support for real numbers, while JSON has
       it -- otherwise libheimbase is a superset of JSON,
       specifically in that any heim_object_t can be a key for an
       associative array.

    The following DB backends are supported natively:

     - "sorted-text", a binary search of sorted (in C locale), flat
       text files;

     - "json", a backend that stores DB contents serialized as JSON
       (this is intended for configuration-like contents).

    The DB framework supports:

     - multiple key/value tables per-DB
     - ACID transactions

    The DB framework also natively implements ACID transactions for
    any DB backends that a) do not provide transactions natively, b)
    do provide lock/unlock/sync methods (even on Windows).  This
    includes autocommit of DB updates outside transactions.

    Future DB enhancements may include:

     - add backends for various DB types (BDB, CDB, MDB, ...);

     - make libhdb use heim_db_t;

     - add a command-line tool for interfacing to databases via
       libheimbase (e.g., to get/set/delete values, create/copy/
       backup DBs, inspect history, check integrity);

     - framework-level transaction logging (with redo and undo
       logging), for generic incremental replication;

     - framework-level DB integrity checking.

       We could store a MAC of the XOR of a hash function applied to
       {key, value} for every entry in the DB, then use this to check
       DB integrity incrementally during incremental replication, as
       well as for the whole DB.
2012-02-05 16:26:32 -06:00
Roland C. Dowdeswell
df73c96b74 Populate creds in get_new_tickets before actually using it.
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
git2svn-syncpoint-master
2012-01-29 20:58:12 -08:00
Nicolas Williams
9323ca9341 Fix krb5_kuserok() ~/.k5login check for luser==root 2012-01-18 23:24:22 -06:00
Nicolas Williams
6dd66df594 Make master build on Windows
Add strtoll()/strtoull() to lib/roken
    Add stdint.h to lib/roken (Windows only)
    Add logic to detect whether to use lib/roken's stdint.h based on
        Visual Studio version
    Add include of stdint.h in generated ASN.1 code
    Export missing symbols for 64-bit integers in lib/asn1
    Export missing symbols for FAST
    Add missing sources to kdc/NTMakefile
    Fix issue in kuserok
    Fix bsearch issues
2012-01-17 12:10:14 -06:00
Patrik Lundin
10bca3892d Add missing "Debugging Kerberos problems" to menu.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-15 21:56:37 +01:00
Nicolas Williams
11763aecc7 There's no HEIM_BOOL_TRUE; use heim_bool_create(1) instead 2012-01-13 16:18:50 -06:00
Roland C. Dowdeswell
74db6a120f Change #elseif to #elif.
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-10 22:54:50 +01:00
Love Hornquist Astrand
0f9f9d3ab6 add strtoll.c 2012-01-10 22:54:16 +01:00
Love Hornquist Astrand
07a88f4b5a use no-store 2012-01-10 22:54:16 +01:00
Love Hornquist Astrand
9b0bc022f1 support kgetcred 2012-01-10 22:54:16 +01:00
Love Hornquist Astrand
a372712fd0 test tgs-req too 2012-01-10 22:54:16 +01:00
Love Hornquist Astrand
0d7d3e4ab5 allow overriding default krb5_config_file 2012-01-10 22:54:16 +01:00
Andrew Bartlett
7a89f14aa5 Revert "make paranoia check less paranoid" - check that key types strictly match
This reverts commit c25af51232 because
otherwise we could attempt to check a CKSUMTYPE_HMAC_SHA1_96_AES_256 key with a
KRB5_ENCTYPE_ARCFOUR_HMAC_MD5 key.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-10 22:54:16 +01:00
Andrew Bartlett
cdc04ce0ff make hmac-md5 the keyed checksum type for arcfour-hmac-md5
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-10 22:54:16 +01:00
Andrew Bartlett
5ce504c1fb use ETYPE_DES3_CBC_SHA1 for the verify step in verify_mic_des3
This allows a strict link between checksum types and key types to be
enforced.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2012-01-10 22:54:16 +01:00
Jeffrey Altman
81db1ebce2 Correct d68aee90ed
in any case.  Both EAI_NODATA and WSANO_DATA can exist at the
same time.

Change-Id: I4378d8d3a5471a472a9b32632b0c70a1d717b951
2012-01-10 10:19:27 -05:00
Jeffrey Altman
d68aee90ed Windows: translate WSANO_DATA to HEIM_EAI_NODAT
Change-Id: I9116ab68b1f2ac4417577125df1efc5a1b42c89e
2012-01-08 17:10:01 -05:00
Nicolas Williams
7d7624f7f7 Fix CVE-2011-4862 Buffer overflow in libtelnet/encrypt.c in telnetd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4862
    http://security.freebsd.org/advisories/FreeBSD-SA-11:08.telnetd.asc
    http://security.freebsd.org/patches/SA-11:08/telnetd.patch
2011-12-28 17:50:30 -06:00
Russ Allbery
5ca056969a Close memory leak in the client kadmin library
kadm5_c_destroy was not freeing the kadm5_client_context, just its
contents.  Also free the context itself.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
2011-12-22 18:36:17 -06:00
Nicolas Williams
d769eced7b Plugin symbols can't have '-' in them... Also add example to krb5-plugin.7 2011-12-22 17:44:47 -06:00
Russ Allbery
911c993757 Fix reauthentication after password change in init_creds_password
When retrying authentication after a password change of an expired
password, use the new password instead of the original one.  Also,
pass in the correct length for the new password buffer to
change_password and zero the buffer that holds the new password on
function exit.

Signed-off-by: Russ Allbery <rra@stanford.edu>
Signed-off-by: Nicolas Williams <nico@cryptonector.com>
2011-12-22 14:53:08 -06:00
Russ Allbery
0f81a468a3 Link kdc-tester with libheimbase directly
It directly uses symbols provided by that library.

Signed-off-by: Nicolas Williams <nico@cryptonector.com>
2011-12-22 14:52:58 -06:00
Nicolas Williams
223af60018 Oops, forgot to actually add krb5-plugin.7
I use a shell alias that expands to git add -uv ..., and the -u
    means new files don't get added :(
2011-12-22 14:42:05 -06:00
Nicolas Williams
25e623a957 Fix doxygen comment in krb5_aname_to_lname() 2011-12-22 11:17:42 -06:00
Nicolas Williams
672f6285ce Add doxygen docs for some plugin structs 2011-12-22 11:17:21 -06:00
Nicolas Williams
8aa248370f Make the build system make and install section 7 manpages 2011-12-21 15:43:56 -06:00
Nicolas Williams
06974f27cb Add a krb5-plugin.7 manpage to document the plugin system 2011-12-21 13:59:37 -06:00
Love Hornquist Astrand
a66a23bb45 Apply old patch from me that handles client's behind NAT
Tested by Harald Barth and bugfix by Ragnar Sundblad
2011-12-15 22:00:00 -08:00
Love Hornquist Astrand
b6f3ca6712 add heim_show, sort lines 2011-12-15 21:51:06 -08:00
Love Hornquist Astrand
8e1b58e923 move function pointer to last argument 2011-12-15 21:48:33 -08:00
Love Hornquist Astrand
b780dddb9b add show 2011-12-15 21:48:20 -08:00
Love Hornquist Astrand
d05e64b967 move function pointer to last argument 2011-12-15 21:48:09 -08:00
Love Hornquist Astrand
8deda7a299 add show, move function pointer to last argument 2011-12-15 21:47:56 -08:00
Love Hornquist Astrand
9cfc014a66 name KRB5_PLUGIN_KUSEROK "kuserok-plugin" 2011-12-15 21:46:43 -08:00
Nicolas Williams
dd05873d0c Fix regression in ASN.1 int type generation
The 64-bit integer support changed the logic for deciding when an
    INTEGER should map to a signed or unsigned 32- or 64-bit integer
    type.  The upshot is that two places where we had {0, INT_MAX}
    ranges needed to be changed to be {0, UINT_MAX}.

    We need to tweak the integer type mapping logic to have a bias for
    unsigned integer types.  Unsigned is better.
2011-12-15 14:37:09 -06:00
Nicolas Williams
4630ef1bdc Fix kuserok.c:check_owner_file(), make tests/kdc/check-authz run 2011-12-14 18:01:35 -06:00
Love Hornquist Astrand
fb26e41d06 to utf8 2011-12-14 08:46:05 -08:00
Love Hornquist Astrand
477738a80d try w/o FAST if the KDC doesnt seem to handle it 2011-12-14 08:46:05 -08:00
Love Hörnquist Åstrand
2be0f1a1a4 check that we don't use negative size for arrays 2011-12-13 21:52:05 -08:00
Love Hörnquist Åstrand
2a551314a6 don't use negative size 2011-12-13 21:51:48 -08:00
Nicolas Williams
a222521e68 64-bit build fixes for ASN.1 compiler 64-bit integer support 2011-12-13 13:03:57 -06:00
Love Hornquist Astrand
449fb4775e check length of TESTuint64 2011-12-12 23:13:56 -08:00
Love Hornquist Astrand
80fd2959b9 check length of TESTuint64 2011-12-12 23:13:47 -08:00
Love Hornquist Astrand
9a4f8c3da7 add missing dependency 2011-12-12 23:11:21 -08:00
Love Hornquist Astrand
b91258ccdc better naming 2011-12-12 22:49:25 -08:00
Love Hornquist Astrand
a11ca3cb1b add rk_getpwnam_r 2011-12-12 21:55:06 -08:00
Love Hornquist Astrand
d453899462 split user and dir, use rk_getpwnam_r 2011-12-12 21:53:41 -08:00
Love Hornquist Astrand
167084b3e7 ident 2011-12-12 21:28:52 -08:00
Love Hornquist Astrand
54ce0a776c re-encode as utf8 2011-12-12 21:26:52 -08:00
Nicolas Williams
19d378f44d Add 64-bit integer support to ASN.1 compiler
ASN.1 INTEGERs will now compile to C int64_t or uint64_t, depending
    on whether the constraint ranges include numbers that cannot be
    represented in 32-bit ints and whether they include negative
    numbers.

    Template backend support included.  check-template is now built with
    --template, so we know we're testing it.

    Tests included.
2011-12-12 20:01:20 -06:00