draft-ietf-krb-wg-pkinit-alg-agility-07 specifies
KDC_ERR_NO_ACCEPTABLE_KDF as 82, but this value conflicts with
KRB_AP_ERR_PRINCIPAL_UNKNOWN from RFC 6111. The former value has been
reassigned to 100 to fix the conflict. Use the correct value.
We believe that this error won't crop up in practice for a long time
(when SHA-2 has been superseded by other hash algorithms and people
are desupporting it), by which time implementations will mostly have
been upgraded to use the new value.
(cherry picked from commit 2938851a5ec77ab68bcd1f5cfd07991c7ccabea6)
ticket: 7725 (new)
version_fixed: 1.10.7
status: resolved
The lock inconsistency fixed here is quite possibly the same as
described in https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
The problem is that ctx_unlock() fails to unlock the principal DB if
it fails to unlock the policy DB, and this happens when ctx_lock()
fails to lock the policy DB (likely because the caller is racing
against a kdb5_util load, which will be using a "permanent" lock,
meaning that the lock file will be unlinked after acquiring the
lock). The fix is to perform both unlock operations *then* handle
any errors that either or both might have returned.
(cherry picked from commit 29ee39baa919361ae08e26caab896890d5cb3eb4)
ticket: 7675 (new)
version_fixed: 1.10.7
status: resolved
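The unlock-ordering bug described in this entry, reduced to an added C example (not krb5's own ctx_lock/ctx_unlock code): two constructed flag-based locks stand in for the principal and policy DB locks, the policy lock is made to fail on unlock as it does in the race against kdb5_util load, and the early-return shape is compared with the "do both, then report" shape the fix uses. The unlock order (policy first, then principal) is assumed from the commit text.

```c
#include <stdio.h>

/* Constructed stand-in for a DB lock file: "held" is the lock state and
 * "fail_unlock" injects the failure seen when the lock file has been
 * unlinked underneath us by a permanent-lock holder. */
struct fake_lock {
    const char *name;
    int held;
    int fail_unlock;
};

static int fake_unlock(struct fake_lock *l)
{
    if (l->fail_unlock)
        return 1;          /* error, lock state left as-is */
    l->held = 0;
    return 0;
}

/* Buggy shape: bail out on the first failure, so a policy-lock error
 * leaves the principal DB locked for the lifetime of the process. */
static int ctx_unlock_buggy(struct fake_lock *princ, struct fake_lock *policy)
{
    int ret = fake_unlock(policy);
    if (ret)
        return ret;
    return fake_unlock(princ);
}

/* Fixed shape: perform both unlocks unconditionally, then surface the
 * first error so the caller still learns something went wrong. */
static int ctx_unlock_fixed(struct fake_lock *princ, struct fake_lock *policy)
{
    int ret_policy = fake_unlock(policy);
    int ret_princ = fake_unlock(princ);
    return ret_policy ? ret_policy : ret_princ;
}

/* Run one unlock routine against a failing policy lock. Returns 1 if the
 * principal lock leaked (still held afterwards), 0 if it was released;
 * the routine's own return code is stored in *status. */
static int principal_lock_leaked(int (*unlock_fn)(struct fake_lock *, struct fake_lock *),
                                 int *status)
{
    struct fake_lock princ = { "principal", 1, 0 };
    struct fake_lock policy = { "policy", 1, 1 };   /* constructed: unlock fails */
    *status = unlock_fn(&princ, &policy);
    return princ.held;
}

int main(void)
{
    int st;
    printf("buggy:  leaked=%d status=%d\n", principal_lock_leaked(ctx_unlock_buggy, &st), st);
    printf("fixed:  leaked=%d status=%d\n", principal_lock_leaked(ctx_unlock_fixed, &st), st);
    return 0;
}
```

Both variants report the policy-lock error; only the fixed one leaves the principal DB unlocked, which is what a caller racing a kdb5_util load needs in order to recover.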
An RFC 6113 KrbFastReq contains a padata sequence and a KDC-REQ-BODY,
neither of which contains the msg-type field found in a KDC-REQ. So
when we decode the FAST request, the resulting krb5_kdc_req structure
has a msg_type of 0. Copy msg_type from the outer body, since we make
use of it in further KDC processing.
(cherry picked from commit 3a447c5a8c95758501cf5a20c161a2d735a02f6d)
ticket: 7660 (new)
version_fixed: 1.10.6
status: resolved
Allow configuration to override the default dh_min_bits of 2048 to
1024. Disallow configuration of dh_min_bits < 1024, but continue to
default to 2048.
(cherry picked from commit cae44d2d014985022a001924dce4a56d12c63818)
ticket: 7659 (new)
version_fixed: 1.10.6
status: resolved
Some implementations don't send the required Q value in dh_params, so
allow it to be absent.
(cherry picked from commit ed77a25c53ed6afd41372838f205a98a561a89fb)
ticket: 7658 (new)
version_fixed: 1.10.6
status: resolved
The Acceptor Names project (#6855) extended krb5_rd_req so that it can
accept a "matching principal" in the server parameter. If the
matching principal has an empty realm, rd_req_decoded_opt attempted to
do transited checking with an empty server realm.
To fix this, always reset server to req->ticket->server for future
processing steps if we decrypt the ticket using a keytab.
decrypt_ticket replaces req->ticket->server with the principal name
from the keytab entry, so we know this name is correct.
Based on a bug report and patch from nalin@redhat.com.
(cherry picked from commit 57acee11b5c6682a7f4f036e35d8b2fc9292875e)
[tlyu@mit.edu: removed test due to k5test.py incompatibility]
ticket: 7649 (new)
version_fixed: 1.10.6
status: resolved
The kpasswd service provided by kadmind was vulnerable to a UDP
"ping-pong" attack [CVE-2002-2443]. Don't respond to packets unless
they pass some basic validation, and don't respond to our own error
packets.
Some authors use CVE-1999-0103 to refer to the kpasswd UDP ping-pong
attack or UDP ping-pong attacks in general, but there is discussion
leading toward narrowing the definition of CVE-1999-0103 to the echo,
chargen, or other similar built-in inetd services.
Thanks to Vincent Danen for alerting us to this issue.
CVSSv2: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C
(cherry picked from commit cf1a0c411b2668c57c41e9c4efd15ba17b6b322c)
ticket: 7638 (new)
target_version: 1.10.6
status: resolved
If an iprop slave tries to load a dump from the master and it fails,
reset the ulog header so we take another full dump, instead of
reporting that the slave is current when it isn't.
[ghudson@mit.edu: commit message]
[tlyu@mit.edu: remove ulog_sync_header call]
(cherry picked from commit 74b3f961e15d2eee5bad93d2a224c10834bbaab8)
ticket: 7607 (new)
version_fixed: 1.10.5
status: resolved
Found by clang's warnings.
(cherry picked from commit 18796a2eb6c05706c6635453b3e425955aab93f4)
ticket: 7606 (new)
version_fixed: 1.10.5
status: resolved
By sending an unusual but valid TGS-REQ, an authenticated remote
attacker can cause the KDC process to crash by dereferencing a null
pointer.
prep_reprocess_req() can cause a null pointer dereference when
processing a service principal name. Code in this function can
inappropriately pass a null pointer to strlcpy(). Unmodified client
software can trivially trigger this vulnerability, but the attacker
must have already authenticated and received a valid Kerberos ticket.
The vulnerable code was introduced by the implementation of new
service principal realm referral functionality in krb5-1.7, but was
corrected as a side effect of the KDC refactoring in krb5-1.11.
CVSSv2 vector: AV:N/AC:L/Au:S/C:N/I:N/A:C/E:H/RL:O/RC:C
ticket: 7600 (new)
version_fixed: 1.10.5
status: resolved
Also update copyright years.
Correct three cases where the wrong expression was checked to see if
an allocation function returned null.
[ghudson@mit.edu: commit message, patch splitting]
[tlyu@mit.edu: omit inapplicable lib/kadm/srv/svr_principal.c change]
(back ported from commit a9ee4a040eeacab1d410ff9e4c862484b531c401)
ticket: 7582
version_fixed: 1.10.4
status: resolved
gssrpc raw services could not work because svcraw_create did not set
svcraw_private after allocating memory for it.
[ghudson@mit.edu: commit message, patch splitting]
(cherry picked from commit 5e3bf4ac6cb02601c5f10c5b2804fd5028c80119)
ticket: 7582 (new)
subject: Minor pointer management patches
Some versions of clang report an uninitialized variable warning (which
we treat as an error) in process_k5beta_record. Due to the if-ladder
style of the function, uninitialized tmpint values can be copied
around in certain error cases, although the garbage values would be
ultimately ignored. As a minimal fix, initialize the tmpint
variables.
(cherry picked from commit 1b7f7eef8a95bda0135159b2c06a168b56d9f42b)
ticket: 7581 (new)
version_fixed: 1.10.4
status: resolved
If no_host_referral is set in both [kdcdefaults] and the realm
subsection, we're supposed to concatenate their values. But the logic
in handle_referral_params would overwrite the value with the
non-concatenated realm value. Similar bugs of this nature were fixed
in 639c9d0f5a7c68dc98a2a452abc05ca32443cddf (r22037) but this one was
missed.
(cherry picked from commit 6338d039cbd0b138642e3b123ac58dc802d1d907)
ticket: 7580 (new)
version_fixed: 1.10.4
status: resolved
gss_str_to_oid wasn't outputting any bytes for a zero-valued arc. It
should output one byte with value 0.
[ghudson@mit.edu: commit message]
(cherry picked from commit 54fa4433df7412267375240aba40959e97ac4fe2)
ticket: 7579 (new)
version_fixed: 1.10.4
status: resolved
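The zero-arc encoding rule from this entry, as an added C example that is not gss_str_to_oid itself: a dotted-decimal OID string is converted to DER contents octets (first two arcs folded into 40*a+b, every later arc in base-128 with continuation bits). The buggy loop shape, which loops only while the arc is non-zero and so emits nothing for arc 0, is shown beside the do/while form that always emits at least one byte. The helper names and the 32-arc limit are assumptions for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Buggy shape: "while (arc != 0)" emits zero bytes for a zero arc. */
static size_t encode_arc_buggy(uint32_t arc, unsigned char *out)
{
    unsigned char tmp[5];
    size_t n = 0, i;
    while (arc != 0) {
        tmp[n++] = arc & 0x7f;
        arc >>= 7;
    }
    for (i = 0; i < n; i++)
        out[i] = (unsigned char)(tmp[n - 1 - i] | (i + 1 < n ? 0x80 : 0));
    return n;
}

/* Fixed shape: do/while guarantees one byte (0x00) for a zero arc. */
static size_t encode_arc(uint32_t arc, unsigned char *out)
{
    unsigned char tmp[5];
    size_t n = 0, i;
    do {
        tmp[n++] = arc & 0x7f;
        arc >>= 7;
    } while (arc != 0);
    for (i = 0; i < n; i++)
        out[i] = (unsigned char)(tmp[n - 1 - i] | (i + 1 < n ? 0x80 : 0));
    return n;
}

/* Parse "a.b.c..." into DER contents octets. Returns bytes written, or 0
 * on malformed input, too many arcs, or insufficient output space.
 * Assumes each arc fits in a uint32_t (no overflow check on the digits). */
static size_t oid_str_to_der(const char *s, unsigned char *out, size_t outlen)
{
    uint32_t arcs[32];
    size_t narcs = 0, pos = 0, n, i;
    unsigned char buf[5];
    const char *p = s;

    while (*p) {
        uint32_t v = 0;
        if (*p < '0' || *p > '9' || narcs >= 32)
            return 0;
        while (*p >= '0' && *p <= '9')
            v = v * 10 + (uint32_t)(*p++ - '0');
        arcs[narcs++] = v;
        if (*p == '.') {
            p++;
            if (*p == '\0')
                return 0;          /* trailing dot */
        } else if (*p != '\0') {
            return 0;              /* stray character */
        }
    }
    /* X.660: first arc is 0, 1 or 2; second arc < 40 unless first is 2. */
    if (narcs < 2 || arcs[0] > 2 || (arcs[0] < 2 && arcs[1] > 39))
        return 0;

    n = encode_arc(arcs[0] * 40 + arcs[1], buf);
    if (n > outlen) return 0;
    memcpy(out, buf, n);
    pos = n;
    for (i = 2; i < narcs; i++) {
        n = encode_arc(arcs[i], buf);
        if (pos + n > outlen) return 0;
        memcpy(out + pos, buf, n);
        pos += n;
    }
    return pos;
}

/* Compare an encoding against expected bytes; 1 on match, 0 otherwise. */
static int oid_encodes_to(const char *s, const unsigned char *expect, size_t explen)
{
    unsigned char out[64];
    size_t n = oid_str_to_der(s, out, sizeof(out));
    return n == explen && memcmp(out, expect, n) == 0;
}

/* Constructed checks: the krb5 GSS mechanism OID, and an OID whose last
 * arc is 0 (a plausible private-enterprise sub-arc). */
static int check_krb5_mech_oid(void)
{
    const unsigned char e[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 };
    return oid_encodes_to("1.2.840.113554.1.2.2", e, sizeof(e));
}

static int check_zero_last_arc(void)
{
    const unsigned char e[] = { 0x2b, 0x06, 0x01, 0x04, 0x01, 0x00 };
    return oid_encodes_to("1.3.6.1.4.1.0", e, sizeof(e));
}

/* Number of bytes each encoder emits for a zero arc: buggy 0, fixed 1. */
static size_t zero_arc_bytes_buggy(void) { unsigned char b[5]; return encode_arc_buggy(0, b); }
static size_t zero_arc_bytes_fixed(void) { unsigned char b[5]; return encode_arc(0, b); }
```

A decoder comparing the buggy output against the correct encoding of the same OID would see the zero arc simply vanish, so the string form and the DER form would name different objects.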
(cherry picked from commit 74bee54227deb64a41c2e79f57dd2a2c5ea010a3)
ticket: 7578 (new)
version_fixed: 1.10.4
status: resolved
Don't dereference a null pointer when cleaning up.
The KDC plugin for PKINIT can dereference a null pointer when a
malformed packet causes processing to terminate early, leading to
a crash of the KDC process. An attacker would need to have a valid
PKINIT certificate or have observed a successful PKINIT authentication,
or an unauthenticated attacker could execute the attack if anonymous
PKINIT is enabled.
CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:P/RL:O/RC:C
This is a minimal commit for pullup; style fixes in a followup.
[kaduk@mit.edu: reformat and edit commit message]
(cherry picked from commit c773d3c775e9b2d88bcdff5f8a8ba88d7ec4e8ed)
ticket: 7577 (new)
version_fixed: 1.10.4
status: resolved
Result code 0 used to be converted properly by krb5_set_password,
though not krb5_change_password; this changed in 1.10 when
krb5int_setpw_result_code_string was folded into
krb5_chpw_result_code_string. Restore the old behavior, and make it
apply to krb5_change_password as well, by making
krb5_chpw_result_code_string convert result code 0.
[ghudson@mit.edu: commit message]
(cherry picked from commit 316bf74b4696058e2b60c95c9d0fc90d6c2c2ffe)
ticket: 7576 (new)
version_fixed: 1.10.4
status: resolved
In krb5_auth_con_initivector and mk_priv/rd_priv, stop assuming that
the enctype's block size is the size of the cipher state. Instead,
make and discard a cipher state to get the size.
(cherry picked from commit 8d01455ec9ed88bd3ccae939961a6e123bb3d45f)
ticket: 7575 (new)
version_fixed: 1.10.4
status: resolved
In kdc_util.c and spnego_mech.c, error returns from ASN.1 length
functions could be ignored because they were assigned to unsigned
values. In spnego_mech.c, two buffer size checks could be rewritten
to reduce the likelihood of pointer overflow. In dump.c and
kdc_preauth.c, calloc() could be used to simplify the code and avoid
multiplication overflow. In pkinit_clnt.c, the wrong value was
checked for a null result from malloc(), and the code could be
simplified.
Reported by Nickolai Zeldovich <nickolai@csail.mit.edu>.
(cherry picked from commit d3c5450ddf0b20855e86dab41735d56c6860156b)
[tlyu@mit.edu: omitted pkinit and kdb5_util fixes because they're not
conservative]
ticket: 7545 (new)
version_fixed: 1.10.4
status: resolved
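The first defect class in this entry (a signed error return silently absorbed by an unsigned variable) as an added C example; this is not the krb5 ASN.1 code from kdc_util.c or spnego_mech.c. A constructed length decoder returns -1 for truncated length octets; the buggy caller stores that in an unsigned and its sign test becomes dead code, while the fixed caller keeps the int return and also bounds the length against the remaining buffer. The decoder's name and the 3-byte long-form limit are assumptions for the example.

```c
#include <stddef.h>
#include <limits.h>

/* Constructed ASN.1 length decoder: short form (< 0x80) or long form with
 * up to 3 length octets. Returns content length, or -1 on truncation or
 * an unsupported form. Not the real krb5 decoder. */
static int asn1_get_length(const unsigned char *buf, size_t buflen, size_t *consumed)
{
    size_t nbytes, i;
    int len = 0;

    if (buflen < 1)
        return -1;
    if ((buf[0] & 0x80) == 0) {
        *consumed = 1;
        return buf[0];
    }
    nbytes = buf[0] & 0x7f;
    if (nbytes == 0 || nbytes > 3 || nbytes + 1 > buflen)
        return -1;                       /* indefinite form, too wide, or truncated */
    for (i = 0; i < nbytes; i++)
        len = (len << 8) | buf[1 + i];
    *consumed = 1 + nbytes;
    return len;
}

/* Buggy caller: -1 becomes UINT_MAX, the "< 0" test can never fire
 * (gcc -Wextra / -Wtype-limits reports "comparison is always false"),
 * and the bogus length is handed back as if it were valid. */
static unsigned int content_length_buggy(const unsigned char *buf, size_t buflen)
{
    size_t consumed = 0;
    unsigned int len = asn1_get_length(buf, buflen, &consumed);
    if (len < 0)
        return 0;                        /* dead code */
    return len;
}

/* Fixed caller: keep the signed return, test it, and reject lengths that
 * run past the data actually present. Returns 0 and sets *lenp, or -1. */
static int content_length_fixed(const unsigned char *buf, size_t buflen, unsigned int *lenp)
{
    size_t consumed = 0;
    int ret = asn1_get_length(buf, buflen, &consumed);
    if (ret < 0 || (size_t)ret > buflen - consumed)
        return -1;
    *lenp = (unsigned int)ret;
    return 0;
}

/* Constructed inputs: long form announcing 2 length octets with only one
 * present, and a well-formed short-form element with 5 content bytes. */
static const unsigned char truncated_len[] = { 0x82, 0x01 };
static const unsigned char valid_elem[]    = { 0x05, 'a', 'b', 'c', 'd', 'e' };

static unsigned int demo_buggy_truncated(void)
{
    return content_length_buggy(truncated_len, sizeof(truncated_len));
}

static int demo_fixed_truncated(void)
{
    unsigned int len = 0;
    return content_length_fixed(truncated_len, sizeof(truncated_len), &len);
}

/* Returns the parsed length on success, or -1 on rejection. */
static int demo_fixed_valid(void)
{
    unsigned int len = 0;
    if (content_length_fixed(valid_elem, sizeof(valid_elem), &len) != 0)
        return -1;
    return (int)len;
}
```

On the truncated input the buggy path reports a length of UINT_MAX, which any later pointer arithmetic would happily use; the fixed path reports an error. The warning the buggy comparison produces under -Wextra is the cheapest detection for this class of bug.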
If a PKINIT Diffie-Hellman reply contains no certificates in the
SignedData object, that may be because the signer certificate was a
trust anchor as transmitted to the KDC. Heimdal's KDC, for instance,
filters client trust anchors out of the returned set of certificates.
Match against idctx->trustedCAs and idctx->intermediateCAs to handle
this case. This fix only works with OpenSSL 1.0 or later; when built
against OpenSSL 0.9.x, the client will still require a cert in the
reply.
Code changes suggested by nalin@redhat.com.
(cherry picked from commit db83abc7dcfe369bd4467c78eebb7028ba0c0e0d)
ticket: 7544 (new)
version_fixed: 1.10.4
status: resolved
gcc 4.6.2 reportedly finds some spurious maybe-uninitialized warnings.
Suppress them. Patch from Eray Aslan with some adjustment.
(cherry picked from commit cc2f16af06800bf9882c1589d3d6e9b8f19b6d6f)
ticket: 7543 (new)
version_fixed: 1.10.4
status: resolved
asserts may be compiled out with -DNDEBUG, so it's wrong to use an
assert expression with an important side effect.
(We also have scores of side-effecting asserts in test programs, but
those are less important and can be dealt with separately.)
(cherry picked from commit 221cd4a23691601a14500bc00146c265b50bdc94)
ticket: 7542 (new)
version_fixed: 1.10.4
status: resolved
Recent versions of gcc can generate a maybe-uninitialized warning from
bison output instead of a regular uninitialized warning. Suppress
both. Fix from nalin@redhat.com.
(cherry picked from commit d4f98cdd40559620531622c9c6d988f6aa850bd0)
ticket: 7541 (new)
version_fixed: 1.10.4
status: resolved
Fail during configure time if the configure script can't locate the
"ar" program, instead of producing a delayed failure during build time
by running the "false" command. Some Solaris releases have ar in
/usr/ccs/bin, which is not in the default path for some users.
(cherry picked from commit 2c990e6418cd7cee7ca178a3175b07ed6a01ffae)
ticket: 7540 (new)
version_fixed: 1.10.4
status: resolved
As the file ccache implementation currently stands, we don't want to
turn off TC_OPENCLOSE on a file cache we're writing to, or it will be
opened read-only and stores to it will fail. Reported by Russ
Allbery.
(cherry picked from commit 0ae663d35b7dcbf2c469ad0688a67f4d1c0e425e)
ticket: 7538 (new)
version_fixed: 1.10.4
status: resolved
Use krb5int_copy_data_contents_add0 when copying a pa-pw-salt or
pa-afs3-salt value in pa_salt(). If it's an afs3-salt, we're going to
throw away the length and use strcspn in krb5int_des_string_to_key,
which isn't safe if the value is unterminated.
(cherry picked from commit f566fee75f2455d6e5e7ee4fcdf5a0d327808639)
ticket: 7537 (new)
version_fixed: 1.10.4
status: resolved
A host referral to the same realm we just looked up the principal in
is useless at best and confusing to the client at worst. Don't
respond with one in the KDC.
(back ported from commit ee0d5eac353a13a194759b72cb44203fda1bf0fa)
ticket: 7536 (new)
version_fixed: 1.10.4
status: resolved
Don't check for an agility KDF identifier in the non-draft9 reply
structure when we're building a draft9 reply, because it'll be NULL.
The KDC plugin for PKINIT can dereference a null pointer when handling
a draft9 request, leading to a crash of the KDC process. An attacker
would need to have a valid PKINIT certificate, or an unauthenticated
attacker could execute the attack if anonymous PKINIT is enabled.
CVSSv2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:P/RL:O/RC:C
[tlyu@mit.edu: reformat comment and edit log message]
(back ported from commit cd5ff932c9d1439c961b0cf9ccff979356686aff)
ticket: 7527 (new)
version_fixed: 1.10.4
status: resolved
In get_in_tkt.c, a time offset is computed between the KDC's auth_time
and the current system time after the reply is decrypted. Time may
have elapsed between these events because of a gak_fct invocation
which blocks on user input. The resulting spurious time offset can
cause subsequent TGS-REQs to fail and can also cause the end time of
the next AS request to be in the past (issue #889) in cases where the
old ccache is opened to find the default principal.
Use the system time, without offset, for the request time of an AS
request, for more predictable kinit behavior. Use this request time,
rather than the current time, when computing the clock skew after the
reply is decrypted.
(cherry picked from commit 37b0e55e21926c7875b7176e24e13005920915a6)
ticket: 7528 (new)
version_fixed: 1.10.4
status: resolved
Release builds, not beta. Update reltag/reltail where
appropriate, and bump the buildlevel.
Bump versions where appropriate, and drop buildlevel back to zero
for the new version.
While here, remove KRB5_RELTAG and KRB5_RELDATE from
src/windows/kerberos.ver as they are unused and merely serve
to cause confusion with the values in src/patchlevel.h.
[tlyu@mit.edu: update patchlevel.h too]
We omit the patchlevel if it is zero, but the check whether
the patchlevel was zero was checking the wrong variable, and thus
always succeeding.
(cherry picked from commit de80646215b623b1ce16fe8a2c2db85bba531532)
ticket: 7481
status: resolved
Improve accessibility by actually enabling access keys for ribbon
elements (tap alt and follow the onscreen hints for keys to press),
instead of just underlining a letter in the name of each element.
Supply an underlined letter in the text of each element, corresponding
to this access key, even if there is not a shortcut key bound to that
element. While here, fix conflicting assignment to 'R' on the 'options'
tab (between "Renewable Until" and "Automatic Ticket Renewal") by
making "Automatic Ticket Renewal" use 'T'. Microsoft's UI recommendations
seem to say that access keys should be easy to locate when searching
through the menu, and thus using the first letter of the first or
second word is advisable.
The Ribbon XML Reference seems to indicate that these elements should
be "keytip" elements, but MSVS creates "keys" elements, which seem
to work, whereas "keytip" does not. Apparently 'F' is standard for
the application button menu (which contains exit). Access keys work
somewhat poorly for us in this menu, as they appear on top of the text
of the menu items, since we have no icons here.
(cherry picked from commit eacf40bdc52ae3c43dad58429086c39a8ce4d395)
ticket: 7441
status: resolved
A big pile of XML on one line is not very readable.
Use 'xmllint --format' to make things more sane.
(cherry picked from commit 1e362883dddc36bfb63b253e66485bbd8a1a50f7)
ticket: 7478
status: resolved
The AboutBox dialog as specified in the resource file is larger than
the one we display; the dialog init routine marks several things as
non-visible, moves the 'OK' button up to where the now-invisible items
were, and shrinks the dialog's bounding rectangle.
However, the edit boxes containing copyright and version information
seem to always present as being on top of the 'OK' button, and their
background causes the button to appear almost invisible with the current
repositioning.
To keep the 'OK' button visible, reduce the amount that it is moved
(and the amount the dialog is shrunk) so that the button does not overlap
with the edit box.
(cherry picked from commit ceb486df4301608d5b2462011fed6534e60721bd)
ticket: 7443
status: resolved
Remove the potentially misleading "experimental" annotation on the
description of the Camellia encryption feature.
ticket: 7438 (new)
version_fixed: 1.10.4
status: resolved
Changes in r25660 inadvertently failed to insert TGS-REPs into the
lookaside cache. Call finish_dispatch_cache() at the end of
dispatch() to handle this case.
(cherry picked from commit 22206a061dfe55db5cbe2c70190b3bd923d9e615)
ticket: 7388
version_fixed: 1.10.4
status: resolved