Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
|
|
In gss_krb5int_unseal_token_v3() and gss_krb5int_unseal_v3_iov(),
verify the Extra Count field of CFX wrap tokens against the encrypted
header. Reported by Jacob Champion.
In gss_krb5int_unseal_token_v3(), check for a decrypted plaintext
length too short to contain the encrypted header and extra count
bytes. Reported by Jacob Champion.
In kg_unseal_iov_token(), separately track the header IOV length and
complete token length when parsing the token's ASN.1 wrapper. This
fix contains modified versions of functions from k5-der.h and
util_token.c; this duplication will be cleaned up in a future commit.
CVE-2024-37370:
In MIT krb5 release 1.3 and later, an attacker can modify the
plaintext Extra Count field of a confidential GSS krb5 wrap token,
causing the unwrapped token to appear truncated to the application.
CVE-2024-37371:
In MIT krb5 release 1.3 and later, an attacker can cause invalid
memory reads by sending message tokens with invalid length fields.
(cherry picked from commit b0a2f8a5365f2eec3e27d78907de9f9d2c80505a)
ticket: 9128
version_fixed: 1.21.3
|
|
Commit 10eb93809b1af06e2b1147aee2e3e50058ba1bbd introduced a
formatting error in the SRV record descriptions. Fix it now.
[ghudson@mit.edu: wrote commit message]
(cherry picked from commit c5772bc916f8818070f9d78a2999bd5dfa0a68d5)
ticket: 9125
version_fixed: 1.21.3
|
|
If the KDC tries to encode a principal containing encode invalid UTF-8
sequences for inclusion in a PAC delegation info buffer, it will leak
a small amount of memory in enc_wchar_pointer() before failing. Fix
the leak.
(cherry picked from commit 7d0d85bf99caf60c0afd4dcf91b0c4c683b983fe)
ticket: 9115
version_fixed: 1.21.3
|
|
In get_primary_name(), use the proper function to free conn.
[ghudson@mit.edu: wrote commit message]
(cherry picked from commit 52fe67623b7205d91ceac855651e8c17f56b10c8)
ticket: 9109
version_fixed: 1.21.3
|
|
The PKCS7 ContentInfo content field and EncryptedContentInfo
encryptedContent field are optional. Check for null values in
cms_envelopeddata_verify() before calling pkcs7_decrypt(). Reported
by Bahaa Naamneh.
(cherry picked from commit 48ccd81656381522d1f9ccb8705c13f0266a46ab)
ticket: 9107
version_fixed: 1.21.3
|
|
Doxygen 1.9.7 avoids duplicating member definitions in the XML
documents for groups and header files (doxygen/doxygen#9797). This
change breaks the current Doxygen-REST bridge, which expects to find
memberdef elements in krb5_8hin.xml. To work around this problem,
remove the @group and @ref declarations in krb5.hin; they were not
translated into REST as it was.
Also remove a deprecated setting in Doxyfile.
(cherry picked from commit 6ed1f8e27eb624710c4aa152d8dee4cf2e528082)
ticket: 9104
version_fixed: 1.21.3
|
|
krb5_cccol_have_content() calls krb5_cc_get_principal() within a loop,
and frees the resulting principal on success or failure. Set princ to
null before each call to ensure we don't free a dangling pointer.
[ghudson@mit.edu: rewrote commit message; moved assignment for greater
clarity]
(cherry picked from commit 635c8cca65b745476d07c1f5ff701445db25c10d)
ticket: 9103
version_fixed: 1.21.3
|
|
Commit 9139a60c94c24e41109574e84e7cda9c2dc3fb38 added an unconditional
include of getopt.h, which is non-portable (it isn't present on HP-UX)
and unecessary for getopt(). The same commit also disabled the
include of unistd.h (which is necessary for getopt()), as sim_client
no longer indirectly includes autoconf. Make the unistd.h include
unconditional and remove the getopt.h include.
[ghudson@mit.edu: edited commit message]
(cherry picked from commit a6abaaf54925a4b63aff8c81da1a0af3a7c03466)
ticket: 9102
version_fixed: 1.21.3
|
|
|
|
|
|
|
|
|
|
|
|
When issuing a ticket for a TGS renew or validate request, copy only
the server field from the outer part of the header ticket to the new
ticket. Copying the whole structure causes the enc_part pointer to be
aliased to the header ticket until krb5_encrypt_tkt_part() is called,
resulting in a double-free if handle_authdata() fails.
[ghudson@mit.edu: changed the fix to avoid aliasing enc_part rather
than check for aliasing before freeing; rewrote commit message]
CVE-2023-39975:
In MIT krb5 release 1.21, an authenticated attacker can cause a KDC to
free the same pointer twice if it can induce a failure in
authorization data handling.
(cherry picked from commit 88a1701b423c13991a8064feeb26952d3641d840)
ticket: 9101
version_fixed: 1.21.2
|
|
|
|
|
|
In _xdr_kadm5_principal_ent_rec(), ensure that n_key_data matches the
key_data array count when decoding. Otherwise when the structure is
later freed, xdr_array() could iterate over the wrong number of
elements, either leaking some memory or freeing uninitialized
pointers. Reported by Robert Morris.
CVE-2023-36054:
An authenticated attacker can cause a kadmind process to crash by
freeing uninitialized pointers. Remote code execution is unlikely.
An attacker with control of a kadmin server can cause a kadmin client
to crash by freeing uninitialized pointers.
(cherry picked from commit ef08b09c9459551aabbe7924fb176f1583053cdd)
ticket: 9099
version_fixed: 1.21.1
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In the certauth pluggable interface, add an extended init method which
receives the realm list.
ticket: 9090 (new)
|
|
Recognize the Red Hat passkey preauth mechanism in trace messages, and
add a declaration for it in krb5.h.
[ghudson@mit.edu: edited comment and commit message]
ticket: 9093 (new)
|
|
The Oracle database wire protocol contains a cipher reinitialization
operation using the ticket session key. Add a query operation
(similar to GSS_C_INQ_SSPI_SESSION_KEY) to retrieve the ticket session
key rather than the subkey.
ticket: 9091 (new)
|
|
Fixes a warning from autoconf 2.70 that $as_echo is obsolete.
|
|
The ubuntu-18.04 image no longer works on Github Actions. Run most
jobs on ubuntu-latest instead.
libresolv-wrapper does not work on ubuntu-22.04 at this time
(Launchpad bug #2015570), so don't install it for now. The URI
discovery tests will be skipped until this is rectified.
For the doc build, move doc-newest-sphix to ubuntu-latest; the Ubuntu
version doesn't matter much for this build as it downloads sphinx from
pypi.org. Move the doc-older-sphinx to ubuntu-22.04 (currently the
same as ubuntu-latest), skipping ubuntu-20.04 as its version of
doxygen (1.18.17) doesn't correctly the type declaration for
krb5_const_principal.
|
|
|
|
In __delpair(), the assignment to next_key is not used unless DEBUG is
defined, and the debugging assert can never fail--next_realkey() will
always return n + 1 as we just checked KEY_OFF(pagep, n + 1). Remove
the variable, the assert, and the otherwise unused next_realkey()
function. This change eliminates a warning issued by clang 14.
|
|
clang 14 issues a warning for having the next line at the same
indentation level as the if body.
|
|
binutils 2.37 makes --with-symbol-versions the default for nm. In
export-check.pl, remove the default symbol versions in the nm output
if they are present.
ticket: 9092 (new)
|
|
The KDC uses the first local TGT key for the privsvr and full PAC
checksums. If this key is of an aes-sha2 enctype in a cross-realm
TGT, a Microsoft KDC in the target realm may reject the ticket because
it has an unexpectedly large privsvr checksum buffer. This behavior
is unnecessarily picky as the target realm KDC cannot and does not
need to very the privsvr checksum, but [MS-PAC] 2.8.2 does limit the
checksum key to three specific enctypes.
As a workaround, add a string attribute which can force the privsvr
key to use a specified enctype using key derivation when issuing
tickets to that principal. This attribute can be set on cross-realm
TGT entries when the target realm uses Active Directory and the local
TGT uses an aes-sha2 primary key.
ticket: 9089 (new)
|
|
In get_negTokenInit(), reject a zero-length mechTypes field before
copying it into *der_mechSet, to prevent allocating a zero-length GSS
buffer.
|
|
Use dynamic k5buf structures to replace the two uses of the TWRITE_
macros, and replace the uses of TREAD_ macros with the equivalent
pointer assignments.
|
|
Remove the DER implementations in lib/gssapi and use k5-der.h instead.
|
|
|
|
Remove the invariant that buf.data is always zero-terminated, to allow
marshalling of binary data into precisely allocated fixed regions.
Add k5_buf_cstring() to zero-terminate the buffer and retrieve the
data pointer. Adjust all callers that build C strings appropriately.
Add a k5_buf_add_byte() convenience wrapper alongside the integer
marshalling wrappers. Change k5_buf_init_fixed() to accept a void
pointer so it can more conveniently be used with uint8_t arrays.
|
|
|
|
ticket: 9088 (new)
|
|
Put the version and buffers directly in krb5_pac_data to avoid using a
variable-length array. Use k5input for krb5_pac_parse(). Adjust some
names and comments.
|
|
|
|
In krb5_dbe_def_encrypt_key_data(), when we free
key_data->key_data_contents[0], reset it to null so the caller doesn't
free it as well.
Since commit a06945b4ec267e8b80e5e8c95edd89930ff12103 this bug
manifests as a double-free during KDB creation if master key
encryption fails.
[ghudson@mit.edu: edited commit message]
ticket: 9086 (new)
tags: pullup
target_version: 1.20-next
|
|
In sim_client.c, remove the calls to krb5_gen_portaddr() and
krb5_gen_replay_name() as they don't do anything after commit
dcb853ac32779b173f39e19c0f24b0087de85771. Remove them, and include
krb5.h plus appropriate system headers rather than k5-int.h.
Also use a subkey when negotiating the auth context. Kerberos
application protocols should generally use subkeys to prevent
cross-connection replay attacks.
|
|
Commit d3356bc42191c1896ab06835a2fb245e00471420 (ticket 8927)
incorrectly tagged tMERIDIAN as <Number>. So while the lexer assigns
meridian values to the Meridian union field, the parser erroneously
reads them from the Number field. On 64-bit IBM zSystems (s390x),
this can result in using the most recently read number as a meridian
value, leading to an abort in ToSeconds().
Fix the tMERIDIAN token type to be <Meridian>.
[ghudson@mit.edu: edited commit message]
ticket: 9087 (new)
tags: pullup
target_version: 1.20-next
|