Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
After the KDC decodes a FAST inner body, it does not check for a null
server. Prior to commit 39548a5b17bbda9eeb63625a201cfd19b9de1c5b this
would typically result in an error from krb5_unparse_name(), but with
the addition of get_local_tgt() it results in a null dereference. Add
a null check.
Reported by Joseph Sutton of Catalyst.
CVE-2021-37750:
In MIT krb5 releases 1.14 and later, an authenticated attacker can
cause a null dereference in the KDC by sending a FAST TGS request with
no server field.
(cherry picked from commit d775c95af7606a51bf79547a94fa52ddd1cb7f49)
ticket: 9008
version_fixed: 1.18.5
|
|
|
|
|
|
|
|
Commit 1cd2821c19b2b95e39d5fc2f451a035585a40fa5 altered the memory
management of krb5_gss_inquire_cred(), introducing defcred to act as
an owner pointer when the function must acquire a default credential.
The commit neglected to update the code to release the default cred
along the successful path. The old code does not trigger because
cred_handle is now reassigned, so the default credential is leaked.
Reported by Pavel Březina.
(a minimal alternative to commit 593e16448e1af23eef74689afe06a7bcc86e79c7)
ticket: 9016
version_fixed: 1.18.4
|
|
Since elements of the queue can be removed on out-of-memory errors,
the correct call is K5_TAILQ_FOREACH_SAFE, not K5_TAILQ_FOREACH.
Reported by Coverity.
(cherry picked from commit 8c88defb16b34937d5b72b4832c854ce2dbe32d1)
ticket: 9015
version_fixed: 1.18.4
|
|
Without locking, the principal pointer could be freed out from under
krb5_copy_principal() by another thread calling krb5_cc_initialize()
or krb5_cc_destroy().
(cherry picked from commit 1848447291c68e21311f441b0458ae53471d00d3)
ticket: 9014
version_fixed: 1.18.4
|
|
The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check
to avoid further processing if the armor key is NULL. However, this
check is bypassed by a call to k5memdup0() which overwrites retval
with 0 if the allocation succeeds. If the armor key is NULL, a call
to krb5_c_fx_cf2_simple() will then dereference it, resulting in a
crash. Add a check before the k5memdup0() call to avoid overwriting
retval.
CVE-2021-36222:
In MIT krb5 releases 1.16 and later, an unauthenticated attacker can
cause a null dereference in the KDC by sending a request containing a
PA-ENCRYPTED-CHALLENGE padata element without using FAST.
[ghudson@mit.edu: trimmed patch; added test case; edited commit
message]
(cherry picked from commit fc98f520caefff2e5ee9a0026fdf5109944b3562)
ticket: 9007
version_fixed: 1.18.4
|
|
Fix three Windows-specific argument type errors, including a crash bug
in the default replay cache type. Change the compiler flags to treat
several argument type warnings as errors.
The replay cache bug was reported by Thomas Wagner.
(cherry picked from commit 65b21aee6ab5e7d0851302b98647261c15c71c96)
ticket: 9005
version_fixed: 1.18.4
|
|
Set localstatedir and runstatedir in config/pre.in so that the default
runstatedir value of ${localstatedir}/run works. Reported by Mike
Jetzer.
(cherry picked from commit fd005a1967510004c9197f7da9f1d85ee81f4734)
ticket: 8975
version_fixed: 1.18.4
|
|
|
|
|
|
|
|
Mainline autoconf generates no shell code for AC_CONFIG_AUX_DIR().
Call it unconditionally to avoid a syntax error.
[ghudson@mit.edu: rewrote commit message]
(cherry picked from commit f78edbe30816f049e1360cb6e203fabfdf7b98df)
ticket: 8960
version_fixed: 1.18.3
|
|
The libkrb5 ASN.1 decoder supports BER indefinite lengths. It
computes the tag length using recursion; the lack of a recursion limit
allows an attacker to overrun the stack and cause the process to
crash. Reported by Demi Obenour.
CVE-2020-28196:
In MIT krb5 releases 1.11 and later, an unauthenticated attacker can
cause a denial of service for any client or server to which it can
send an ASN.1-encoded Kerberos message of sufficient length.
(cherry picked from commit 57415dda6cf04e73ffc3723be518eddfae599bfd)
ticket: 8959
version_fixed: 1.18.3
|
|
Attempting to renew the MSLSA cache can commonly fail with
KRB5_CC_NOTFOUND due to LSA policy. Do not display an error popup in
this case. Also fix a logic error in the existing suppressions.
(cherry picked from commit bfd407703a938573610af3f17aad4d5ebad615fd)
ticket: 8939
version_fixed: 1.18.3
|
|
CLeashView::RenewTicket() falls back to an ImportTicket or InitTicket
operation if ticket renewal fails. A 2004 commit (from the old
pismere repository) added code to heuristically determine whether
Leash's cache was imported by comparing the MSLSA cache principal name
to ticketinfo.Krb5.principal. Commit
9bc411e72fce5bed3ed00ae5b09f8c239309bae0 broke this code by removing
the call to initialize ticketinfo.Krb5 and by making
ticketinfo.Krb5.principal ephemeral. The strcmp() call now crashes
the process with a null dereference.
Fix the crash by removing the heuristic detection of imported tickets,
using the current value of m_importedTickets (which should be correct
unless Leash was restarted after the tickets were obtained) to decide
whether to import or initialize tickets.
(cherry picked from commit 7fc4cdae79d0689afed32f9bcfeb28f410a9d79c)
ticket: 8938
version_fixed: 1.18.3
|
|
In kdb5_ldap_util, set lockdown_keys on the special principals when
creating an LDAP KDB, as we do in kdb5_util when creating a regular
KDB.
(cherry picked from commit 6cdf7d82e74f21fb8a37efe6b1bba45744f891ba)
ticket: 8936
version_fixed: 1.18.3
|
|
In get_mech_set(), check the length before reading the first byte, and
decrease the length by the tag byte when reading and verifying the
sequence length.
In get_req_flags(), check the length before reading the first byte,
and check the context tag length after decoding it.
(cherry picked from commit 64f4b75a22212681ca293f8f09ddd24b0244d5b4)
ticket: 8933
version_fixed: 1.18.3
|
|
Windows Remote Management, when used with an RC4 session key, appears
to generate GSS wrap tokens with no padding instead of the expected
one byte (RFC 4757 section 7.3). These tokens cannot be decoded with
gss_unwrap() or a STREAM buffer (even with Microsoft SSPI), but SSPI
allows them to be decoded using explicit IOVs with either a
zero-length padding buffer or no padding buffer. Allow these cases to
work in kg_fixup_padding_iov(). (It is already possible to make this
work with HEADER | DATA | DATA, but only by
accident--kg_fixup_padding_iov() doesn't find a data buffer because
kg_locate_iov() only looks for singleton buffers, so it exits early.)
(cherry picked from commit 3f204ddd567715ef360b4bb0b32961b6a9877f9d)
ticket: 8926
version_fixed: 1.18.3
|
|
In krb5kdc and kadmind, reinitialize the DB state after daemonizing,
to prevent using an LMDB environment in a different process than it
was created. Otherwise the daemon's reader table slot appears to be
stale and can be claimed by another process.
In kadmind, this change means that global_server_handle changes value
after the loop setup. Add an extra level of pointer indirection so
that the handle passed to the loop remains valid.
kdb_init_hist() is now called twice by kadmind. Change it to avoid
leaking hist_princ on the second invocation.
(cherry picked from commit 38b98a14433b8858a3ca5979a0afa194df0df1e9)
ticket: 8918
version_fixed: 1.18.3
|
|
When loading a principal entry in process_k5beta7_princ(), set the
KADM5_PW_EXPIRATION mask bit so that the password expiration time is
set on the principal entry. Add a regression test.
Reported (with fix) by Glenn Machin.
(cherry picked from commit 778d3fd9de50ab0c87cf0031e1dd24a8ec4bd552)
ticket: 8882
version_fixed: 1.18.3
|
|
Commit d160bc733a3dbeb6d84f4e175234ff18738d9f66 (ticket 7045) added a
new thread key K5_KEY_GSS_SPNEGO_STATUS and registered it in SPNEGO
library initialization, but neglected to unregister it in
finalization. As a result, loading, unloading, and reloading
libgssapi_krb5 could throw an assertion failure if libkrb5support
remained loaded. Unregister the key in SPNEGO finalization and add a
test case.
Reported and investigated by Adam Dabrowski.
(cherry picked from commit 07ff54d0bb85109df114612bbbfa6559f4a1e0cb)
ticket: 8614
tags: pullup
target_version: 1.18-next
target_version: 1.17-next
|
|
Add missing kvno options to the kvno.rst synopsis and option
descriptions, and to the kvno usage message. Remove mention of '-h'
(help text), from kvno.rst as it is an implicit option.
Indicate the two exclusions (-u/-S and --u2u with the S4U2Self options)
and dependency (-P on S4U2Self) where they are missing.
Switch xusage() to print only a single localized string, rather than
running each line of output through localization separately.
Leave kvno -C undocumented for now, as the semantics of
KRB5_GC_CANONICALIZE are minimally useful and likely to change.
[ghudson@mit.edu: edited documentation and commit message]
(cherry picked from commit becd1ad6830b526d08ddaf5b2b6f213154c6446c)
ticket: 7476
tags: pullup
target_version: 1.18-next
|
|
|
|
|
|
Commit c2ca2f26eaf817a6a7ed42257c380437ab802bd9 (ticket 8851)
accidentally changed the SPNEGO acceptor code to filter mechanisms by
the obtainability of initiator credentials rather than acceptor
credentials, when the default acceptor credential is used.
(cherry picked from commit e25918cb9efd7361aa78d2d96cd097dd34fdf35d)
ticket: 8908
version_fixed: 1.18.2
|
|
Commit 570967e11bd5ea60a82fc8157ad7d07602402ebb took a shortcut in
get_local_tgt() by using the first key data entry in the TGT principal
entry. This is usually correct, but if the first key data entry has
an invalid enctype (such as a single-DES enctype), we can select a key
we can't use. Call krb5_dbe_find_enctype() instead. Reported by
Leonard Peirce.
(cherry picked from commit d7ed635e822e13b89fef93463d1d132b1e03b78f)
ticket: 8906
version_fixed: 1.18.2
|
|
Commit dcb853ac32779b173f39e19c0f24b0087de85771 removed some replay
cache functions that haven't been considered part of the libkrb5 API.
Some of these functions were used in OpenSSL (despite the lack of
prototypes) prior to the OpenSSL 1.1 release. Run-time linker errors
can occur if an OpenSSL 1.0.x (or earlier) libssl is used with a 1.18
libkrb5, even though the Kerberos code would likely never be used.
Add stubs for the four functions historically used in OpenSSL.
(cherry picked from commit 58109348cfa70c44b2b36233c18f9bb02a94cf26)
ticket: 8905
version_fixed: 1.18.2
|
|
Commit 24b844714dea3e47b17511746b5df5b6ddf13d43 (ticket 8845) added
releases of sc->internal_name and sc->deleg_cred before calling the
underlying mech's gss_accept_sec_context(), to avoid a potential leak
if the mech reports a value multiple times. Commit
c2ca2f26eaf817a6a7ed42257c380437ab802bd9 (ticket 8851) added a branch
which calls negoex_accept() instead of calling directly into the
underlying mech. If negoex_accept() doesn't call into the mech on the
last acceptor leg, the src_name and deleg_cred values from the final
mech call are lost.
Move the releases to the non-NegoEx branch. negoex_accept() already
does its own releases when it calls into the mech.
Reported by Luke Howard.
(cherry picked from commit b2fe66fed560ae28917a4acae6f6c0f020156353)
ticket: 8898
version_fixed: 1.18.2
|
|
|
|
|
|
|
|
|
|
(cherry picked from commit 74550f3deabb268a00b43fe0ac7debde0e108938)
ticket: 8896
version_fixed: 1.18.1
|
|
Commit d439e370b70f7af4ed2da9c692a3be7dcf7b4ac6 (ticket 8800) caused
ksu to ignore KRB5CCNAME from the environment. ksu uses euid
switching to access the source cache, and should honor KRB5CCNAME to
find the ccache to potentially authorize the su operation.
Add a helper function init_ksu_context() to create the ksu context,
with explicit code to honor KRB5CCNAME using
krb5_cc_set_default_name().
(cherry picked from commit 8b1fff99f59f779bf7f7261f17b835576e20d35d)
ticket: 8895
version_fixed: 1.18.1
|
|
Always use six digits with leading 0s to format the microseconds in
trace log timestamps; otherwise a small value appears as too large of
a fraction of a second.
(cherry picked from commit 734bf341da54e09add9160e65ea7308072b97f13)
ticket: 8894
version_fixed: 1.18.1
|
|
Correct documentation spelling errors detected using codespell.
Reported by Jens Schleusener.
(cherry picked from commit 022f2cbc7f5abc9fbefa0d68b6025216c1b59353)
ticket: 8891
version_fixed: 1.18.1
|
|
Use the int128_t and uint128_t types defined by edwards25519.c, rather
than [un]signed __int128 which does not compile with gcc 4.4.
Reported by Norm Green.
(cherry picked from commit dd5d6e5e39be6cf7fe9d54a79e824f8cb7301177)
ticket: 8888
version_fixed: 1.18.1
|
|
(cherry picked from commit 366c64897d55c86cdc616d2d1cf4617ff8a07a99)
ticket: 8886
version_fixed: 1.18.1
|
|
MS-SFU errata from 2019/12/09 indicates that legacy constrained
delegation should be prefered over resource-based constrained
delegation, which results slight diferences.
Also clarify that in the get_authdata_info KDB method, the PAC must be
verified and checked for user sensitivity for S4U2Proxy. Document
that the client name should only be provided in the cross-realm
S4U2Proxy case.
[ghudson@mit.edu: clarified comments and commit message]
(cherry picked from commit cf6b710518bd6da8c491ee4020a9ad8ded321d66)
ticket: 8884
version_fixed: 1.18.1
|
|
Fix the dnsglue.c PRIMARY_DOMAIN macro not to call strdup() with a
null pointer if no DNS search path is configured.
(cherry picked from commit cd82bf377e7fad2409c76bf8b241920692f34fda)
ticket: 8881
version_fixed: 1.18.1
|
|
Commit cbdbc8d00d31344fafe00e0fdf984e04e631f7c4 checked for
__GLIBC__PREREQ instead of __GLIBC_PREREQ, thus accidentally reverting
the workaround introduced in commit
bf5953c549a6d279977df69ffe89b2ba51460eaf. Fix the typo.
(cherry picked from commit b009cca2026b615ef5386faa4c0230bc27c4161d)
ticket: 8880
version_fixed: 1.18.1
|
|
Commit bf5953c549a6d279977df69ffe89b2ba51460eaf caused a build failure
on non-glibc Linux build environments. Change the conditionalization
so that __GLIBC_PREREQ will only be used if it is defined.
[ghudson@mit.edu: simplified conditionals; rewrote commit message]
(cherry picked from commit cbdbc8d00d31344fafe00e0fdf984e04e631f7c4)
ticket: 8880
version_fixed: 1.18.1
|
|
In update_ldap_mod_auth_ind(), if there is no string attribute value
for require_auth, check for krbPrincipalAuthInd attributes that might
need to be removed. (This will only work if the entry is loaded and
then modified, but that is the normal case for an existing entry.)
Move the update_ldap_mod_auth_ind() call inside the tl-data
conditional (which should perhaps be a check for KADM5_TL_DATA in the
mask instead). A modification which did not intend to update tl-data
should not remove the krbPrincipalAuthInd attributes.
Change get_int_from_tl_data() to to zero its output so that it can't
leave a garbage value behind if it returns 0 (as it does if no
KDB_TL_USER_INFO tl-data is present).
Based on a patch by Glenn Machin.
(cherry picked from commit 6d9da7bb216f96cbdd731aa894714bd84213a9d0)
ticket: 8877
version_fixed: 1.18.1
|