Diffstat (limited to 'src/lib/krb5/ccache/ChangeLog')
-rw-r--r-- | src/lib/krb5/ccache/ChangeLog | 303 |
1 files changed, 303 insertions, 0 deletions
diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index 0b44b4d..bc7ca4f 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog 
@@ -1,3 +1,306 @@ +2004-09-01 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: + - Fix MITPrincToMSPrinc to prevent writing to the output + buffer if the input won't fit. + - Add internal UnicodeStringToMITPrinc function + - Rename internal MSPrincToMITPrinc to ExternalNameToMITPrinc + - Rename internal PurgeMSTGT to PurgeAllTickets + - Add internal PurgeTicket2000 + - Add internal PurgeTicketXP + - Since tickets can only be requested via KDC Opt Flags it is + not possible to specifically request the Initial ticket. If + more than one ticket exists which matching service names, + enctypes, and ticket flags the initial ticket flag may not be + set. If the caller requested the initial ticket, set the flag + manually. + - Add preliminary support for krb5_lcc_set_flags + - Modify krb5_lcc_initialize to return success + - Modify krb5_lcc_get_principal to support an LSA cache + which does not contain a TGT when krb5_lcc_resolve is + called. + - Implement krb5_lcc_remove_cred + + +2004-07-25 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: is_windows_xp() should test for major version + > 5 not >= 5. + +2004-07-15 Alexandra Ellwood <lxs@mit.edu> + + * ccdefault.c (krb5_cc_default, krb5int_cc_default) + Removed default_ccprincipal field from krb5_context + +2004-07-07 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Fix thread safety + +2004-07-07 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: When obtaining a TGT from MSLSA, do not ignore + the cache if the requested enctype is the NULL enctype. + +2004-06-29 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: + - is_windows_2000() indicates the OS is Windows 2000 or higher + - is_windows_xp() indicates the OS is Windows XP or higher which + indicates that PKERB_QUERY_TKT_CACHE_EX_RESPONSE and + PKERB_TICKET_CACHE_INFO_EX are available. 
+ - does_retrieve_ticket_cache_ticket() checks to see if a Microsoft + private fix is available which adds a new Cache Flag, + KERB_RETRIEVE_TICKET_CACHE_TICKET, which when set causes the + requested ticket to be stored in the LSA cache even when the + TicketFlags and EncType are not set to 0. + - KerbExternalTicketMatch() is a test to determine if two + Microsoft External Tickets are identical + + use the KerbQueryTicketCacheExMessage LSA call on XP or higher + + specify the KERB_RETRIEVE_TICKET_CACHE_TICKET flag when it is + available + = The combination of both + items will cause the ClientRealm + to be displayed properly for all cross realm tickets obtained + via the MSLSA + + +2004-06-21 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Comment out call to FormatMessage() which fails + horribly on non-English systems. We do not need the output + or printf statements as part of a library. Therefore, we + will ignore this for the time being. When we decide we + want to log event to the Event Log then we can properly + implement this function. + +2004-06-18 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Enforce acceptable enctypes by checking against + the default_tgs_enctypes list instead of the permitted_enctypes + list; only enforce the desired enctype when retrieving tickets + to deliver to an application. do not enforce when attempting + to determine the current principal name. this is important + because specifying an enctype results in a TGS_REQ being sent + to the KDC; close memory leak of krb5_cred objects in + krb5_lcc_retrieve(). + +2004-05-25 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: GetMSTGT(). Initialize pTicketRequest to NULL + to prevent it being freed prior to allocation. Add krb5_context + parameter to allow krb5_get_permitted_enctype() to be called + instead of using a hardcoded list of enctypes which may change + in the future. + krb5_lcc_get_name(): fix return value if Kerberos is not supported. 
+ +2004-05-15 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: The FAILED() macro only considered an error + to be a failure if the value is negative. ConstructTicketRequest() + returns positive errors. Do not use FAILED() to test the result. + Fix a potential leak of LSA allocated memory. Fix a leak of + LocalAlloc memory. + +2004-04-13 Jeffrey Altman <jaltman@mit.edu> + + * ccbase.c: + Since we have to reserve all the single letter + prefixes make them apply to all platforms + +2004-04-13 Jeffrey Altman <jaltman@mit.edu> + + * ccbase.c: + On Windows, if there is a ccache name provided without + a prefix but which appears to start with a drive letter, + treat it as a FILE: ccache instead of failing with a + ccache type unknown error. + +2004-04-06 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: + In at least one case on Win2003 it appears that it is possible + for the logon session to be authenticated via NTLM and yet for + there to be Kerberos credentials obtained by the LSA on behalf + of the logged in user. Therefore, we are removing the test + for IsKerberosLogon() within krb5_lcc_resolve() + which was meant to avoid the need to perform GetMSTGT() when + there was no possibility of credentials being found. + +2004-03-31 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Add IsWindows2000() function and use it to return + errors whenever the MSLSA: ccache type is used on platforms + older than Windows 2000. This is needed to prevent calls to + the functions loaded from ADVAPI32.DLL and SECUR32.DLL which + do not exist on the Windows 9x platforms. 
+ +2004-03-18 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: + Add missing return statements in krb5_lcc_start_seq_get() + + Return error if principal name cannot be determined during + krb5_lcc_resolve() + + * cc-int.h: + New file - Add prototypes for cc internal functions + + * cc_retr.c - include cc-int.h + +2004-02-04 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: + Remove reference to <ntstatus.h> as it is not present in the August 2001 + Platform SDK used by Pismere. Instead copy the error value. + +2004-02-02 Jeffrey Altman <jaltman@mit.edu> + + * cc_msla.c: + GetMSCacheTicketFromCacheInfo() uses the tktinfo->TicketFlags as the + value to assign to TicketRequest->TicketFlags. This field is blindly + inserted into the kdc-options[0] field of the TGS_REQ. If there are + bits such as TRANSIT_POLICY_CHECKED in the TicketFlags, this will result + in an unknown TGS_OPTION being processed by the KDC. + + This has been fixed by mapping the Ticket Flags to KDC options. + We only map Forwardable, Forwarded, Proxiable, and Renewable. The others + should not be used. + +2004-02-02 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: the MSLSA code was crashing on Pismere machines when + logging on with cross realm credentials. On these machines there are + 8 tickets within the LSA cache from two different realms. One of the + krbtgt/CLIENT-REALM@CLIENT-REALM tickets (not the Initial ticket but + a Forwarded ticket) is inaccessible to the ms2mit.exe and leash32.exe + processes. The attempt to access the ticket returns a SubStatus code + of STATUS_LOGON_FAILURE (0xC000006DL) which is supposed to mean that + the logon attempt was invalid due to bad authentication information. + kerbtray has no problem listing this ticket. The other seven tickets + in the cache including the Initial Ticket are accessible. Modified + krb5_lcc_next_cred() to skip to the next ticket if an attempt to read + a single ticket fails. 
+ +2004-01-31 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Optimize the get next logic by storing a handle to + the MS TGT in the lcc_cursor data structure + +2004-01-31 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Do not return tickets to the caller if they contain + NULL session keys. This is to prevent useless TGTs from being + placed into the MIT credential cache. + +2004-01-30 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: As per extensive conversations with Doug Engert we have + concluded that MS is not specifying a complete set of domain information + when it comes to service tickets other than the initial TGT. What happens + is the client principal domain cannot be derived from the fields they + export. Code has now been added to obtain the domain from the initial + TGT and use that when constructing the client principals for all tickets. + + This behavior can be turned off by setting a registry either on a per-user + or a system-wide basis: + + {HKCU,HKLM}\Software\MIT\Kerberos5 + PreserveInitialTicketIdentity = 0x0 (DWORD) + + +2004-01-06 Jeffrey Altman <jaltman@mit.edu> + + * cc_file.c, cc_memory.c: + Add stub implementations for unimplemented krb5_cc_remove_cred() + Returns KRB5_CC_NOSUPP + + * cc_mslsa.c: + Add implementation for krb5_cc_remove_cred(). Returns KRB5_CC_READONLY. + +2003-12-18 Jeffrey Altman <jaltman@mit.edu> + + * cc_retr.c: Extract the test to determine if a credential matches + a requested credential according to the specified fields into + a private function: krb5int_cc_creds_match_request() + + * cc_mslsa.c: Extend the functionality of krb5_lcc_retrieve() to + perform a MS Kerberos LSA ticket request if there is no matching + credential in the cache. The MS Kerberos LSA places the following + restriction on what tickets it will place into the LSA cache: + tickets obtained by an application request for a specific + set of kerberos flags or enctype will not be cached. 
+ Therefore, we first make a request with no flags or enctype in + the hope that we will be lucky and get the right ones anyway. + If not, we make the application's request and return that ticket + if it matches the other criteria. + + Implemented a similar technique for krb5_lcc_store(). Since we + can not write to the cache, when a store request is made we + instead perform a ticket request through the lsa for a matching + credential. If we receive one, we return success. Otherwise, + we return the KRB5_CC_READONLY error. + + With these changes I am now able to operate entirely with the MSLSA + ccache as the default cache provided the MS LSA credentials are + for the principal I wish to use. Obviously, one cannot change + principals while the MSLSA ccache is the default. + +2003-12-15 Jeffrey Altman <jaltman@mit.edu> + + * cc_msla.c: Enable purging of the MS Kerberos LSA cache when the TGT + has expired. This will force the LSA to get a new TGT instead of + returning the expired version. + +2003-12-15 Jeffrey Altman <jaltman@mit.edu> + + * cc_mslsa.c: Perform a GetMSTGT() call as part of krb5_lcc_start_seq_get + to ensure that the tgt is refreshed + +2003-12-13 Jeffrey Altman <jaltman@mit.edu> + + * Makefile.in: Remove extranenous spaces in ##WIN32## constructs + defining MSLSA_SRC MSLSA_OBJ + +2003-12-12 Tom Yu <tlyu@mit.edu> + + * Makefile.in: Move ##WIN32## constructs from inside + backslash-continued lists, as it was breaking them. Move explicit + dependency information from under automatic dependencies. + +2003-12-11 Jeffrey Altman <jaltman@mit.edu> + + * Makefile.in, ccbase.c, cc_mslsa.c (new) + + Remove all of the code which was duplicated between ms2mit.c + and the KfW Leash libraries (and who knows how many applications + shipped by third parties) and use it as the basis for a new + krb5_ccache type, "MSLSA:". 
The "MSLSA:" ccache type is a + read-only ccache which can be used either as a monitor of the + contents of the Microsoft LSA cache or as a source for copying + the contents to another ccache type. The purpose of migrating + this code to the krb5_32.dll is to avoid the need for applications + to be consistently updated each time Microsoft makes a change + to the behavior of the LSA cache. Changes have occurred with + the release of 2000, XP, and 2003 so far. Also, the code for + working with the MS LSA cache is not well documented and many + mistakes were made in the original versions of the ms2mit.c + code base. Unfortunately, the ms2mit.c code has been copied + into many other applications. + + With access to this new ccache type, the ms2mit.c source file + is reduced from 890 lines to 80 lines including the copyright + banner. + +2003-11-26 Jeffrey Altman <jaltman@mit.edu> + + * cc_default.c: Add support for Leash Kinit Dialog on Windows to + krb5int_c_default() + +2003-07-22 Sam Hartman <hartmans@mit.edu> + + * ccbase.c: Always register the file credentials cache type. If + we do not, then when USE_CCAPI is defined, it will not be + available. + 2003-03-06 Alexandra Ellwood <lxs@mit.edu> * ccdefault.c: Remove Mac header goober and include |
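Review bot: two entries name a file that does not exist in this directory: the 2004-02-02 entry for the TicketFlags-to-KDC-options fix and the 2003-12-15 entry about purging the expired TGT both list `* cc_msla.c:`, while every other entry (including the 2003-12-11 entry that introduces the new file) writes `cc_mslsa.c`; likewise the 2003-11-26 entry lists `cc_default.c` and `krb5int_c_default()` where the 2004-07-15 entry uses `ccdefault.c` and `krb5int_cc_default`. Fix these before committing, since ChangeLog entries are searched by file name. The 2004-09-01 entry for MITPrincToMSPrinc says the fix stops writing to the output buffer when the input will not fit, but not what the caller sees in that case (an error return or a truncated name); stating it would tell readers whether callers must check for the failure. Minor: `extranenous` in the 2003-12-13 entry should be `extraneous`.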