aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2009-12-06Make the libk5crypto hash_provider interface take crypto_iov listsGreg Hudson29-490/+297
instead of lists of krb5_data. Make the base HMAC APIs take crypto_iov lists and drop the _iov variants. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23450 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-06In the built-in des3 provider, remove the unused version ofGreg Hudson1-29/+3
validate_and_schedule, and drop the _iov suffix from the one we do use. (Cleanup from r23444.) git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23449 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-05Make the alloc_data and k5alloc convenience functions work if theGreg Hudson1-3/+5
caller requests zero bytes, by allocating one byte instead. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23448 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-05Remove tests for sched.h, kdb_db.h, kdc.c. None of these are used in the treeEzra Peisach1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23447 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-04Remove some code paths in crypto-length which are dead now that theGreg Hudson1-11/+2
internal interface can't return an error. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23446 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-04Remove CRC32_SHIFT4 code as we are unlikely to ever need itGreg Hudson3-47/+0
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23445 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-04Consolidate the IOV and non-IOV encryption/decryption code paths, andGreg Hudson82-4037/+1092
drop the _iov suffix from most encryption- and decryption-related functions. The enc_provider encrypt and decrypt functions take IOVs, as do the enctype entries in etypes.c, and there are no separate encrypt_iov or decrypt_iov functions. aead_provider is gone. Enctype functions now take pointers to the enctype entry instead of pointers to the enc/hash/aead providers; this allows dk_encrypt and dk_decrypt to be polymorphic in the length function they use now that AES and DES3 can't differentiate by aead provider. aes_string_to_key needed to be moved into the krb/ fold for this since it's an enctype function; it was duplicated between builtin/ and openssl/ before. This leaves openssl/aes empty; the build system currently demands that all modules have the same directory structure, so the directory and Makefile will stick around for now. Three separate copies of the derive_random logic are also now consolidated into one. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23444 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03Revert r23442. Revert r23436 changes unrelated to comment reformattingTom Yu2-12/+141
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23443 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03Update export list to reflect changes in r23436Tom Yu1-2/+0
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23442 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03Reformat new commentsKen Raeburn2-28/+40
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23441 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03fix slow behavior on Mac OS X with link-local addressesKen Raeburn2-20/+96
When using my previous patch, if a local hostname like "foobar.local" is looked up, you may get back a link-local IPv6 address. However, the KDC seems to be unable to respond from that address, resulting in a ~1s delay for each KDC exchange while waiting for the client to fail over to another address (in my case, another IPv6 address). Create a new object for holding whatever auxiliary information might be needed to properly transmit the response to the client. Currently, that only means the interface index number under IPv6. Fill it in on receipt, always; copy it back to the pktinfo structure when transmitting, ONLY if the local source address is link-local. If an error occurs while transmitting the reply, print both the remote destination address and the local source address. Use getnameinfo instead of inet_ntop. Apply the same changes to kadmind, to keep the versions of network.c more or less in sync. ticket: 6591 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23440 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03allow testing even if name->addr->name mapping doesn't workKen Raeburn3-13/+25
Many of the tests are set up to fail if the local hostname can't be mapped to an address and back to a name again. If the name results in an address, and we can get a fully-qualified name or something that looks like it, though, we should be able to just go ahead and run some tests. This is also closer to the current behavior of sname_to_principal when reverse DNS is enabled. ticket: 6590 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23439 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03Sense of POINTERS_ARE_ALL_THE_SAME test was backwardsKen Raeburn1-3/+3
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23438 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-03Temporarily define UINT16_TYPE and UINT32_TYPE so the load/storeKen Raeburn1-24/+15
functions don't need excessive conditionals internally. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23437 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Reformat new block comment per coding styleGreg Hudson1-152/+26
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23436 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Actually record dependencies of crypto testsKen Raeburn1-1/+152
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23435 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Check ALL_DEP_SRCS, not SRCS, to decide what to put into the deps fileKen Raeburn1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23434 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02update dependenciesKen Raeburn4-18/+32
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23433 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Perform the AES-CBC XOR operations 4 bytes at a time, using the helperKen Raeburn1-2/+18
functions for loading and storing potentially-unaligned values. Improves bulk AES encryption performance by 2% or so on 32-bit x86 with gcc 4. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23432 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Add store_{16,32,64}_n functions, for potentially-unaligned, native-order valuesKen Raeburn1-0/+29
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23431 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Speed up the per-block loops of AES, DES3, and DES IOV encryption byGreg Hudson5-197/+160
avoiding function calls and copies in the case where the next block is wholly contained within the current buffer. To do this, introduce two new inline functions in aead.h called iov_next_block and iov_store_block. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23430 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Remove t_kperf on make cleanGreg Hudson1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23429 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Clean up the AES enc_provider code a bit. Chiefly, work with unsignedGreg Hudson1-80/+64
char blocks, casting input->data and output->data once each upon entry to the non-IOV encrypt and decrypt functions, rather than casting our working buffers each time we need to work with an outside function. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23428 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02In t_kperf, generate a valid ciphertext when testing decryptionGreg Hudson1-0/+8
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23427 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Fix an incorrect length in the new krb5int_c_decrypt_aead_compatGreg Hudson1-1/+1
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23426 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-02Fixed the conflicting type "static krb5_error_code KRB5_CALLCONV" of ↵Zhanna Tsitkov1-30/+42
krb5_change_set_password and some reindentation/reformating git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23425 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-01Reindent and removed krb5_ prefix from static func nameZhanna Tsitkov1-67/+67
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23398 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-01Fix AES IOV decryption of small messagesGreg Hudson1-13/+8
AES messages never need to be padded because the confounder ensures that the plaintext is at least one block long. Remove a check in krb5int_dk_decrypt_iov which was rejecting short AES messages because it didn't count the header length. ticket: 6589 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23397 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-01Make krb5int_c_decrypt_aead_compat more efficient by building theGreg Hudson1-23/+41
buffers explicitly rather than using stream decryption. Sidesteps some machinery and avoids copying the output. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23396 dc483132-0cff-0310-8789-dd5450dbe970
2009-12-01Fix the usage fallback in krb5int_arcfour_decrypt_iov. Factor out IOVGreg Hudson1-25/+29
encryption with a keyblock since this makes four uses of it in one file. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23395 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Mark and reindent tests, with some exclusionsTom Yu33-3608/+3644
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23394 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30ReindentZhanna Tsitkov3-74/+55
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23393 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Mark and reindent util/supportTom Yu19-1249/+1274
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23392 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Remove some stray tabsGreg Hudson1-4/+4
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23391 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Use aead_dk instead of aead_old for des-hmac-sha1, since it usesGreg Hudson1-1/+1
dk_encrypt. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23390 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Fix ivec chaining for DES iov encryptionGreg Hudson1-2/+5
krb5int_des_cbc_decrypt_iov was using a plaintext block to update the ivec. Fix it to use the last cipher block, borrowing from the corresponding des3 function. The impact of this bug is not serious since ivec chaining is not typically used with IOV encryption in 1.7. ticket: 6588 tags: pullup target_version: 1.7.1 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23389 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Add an AEAD provider for enctypes which use krb5_old_encrypt andGreg Hudson6-17/+245
krb5_old_decrypt; this makes every enctype have an AEAD provider. To make this work, expose make_unkeyed_checksum_iov to other files (under the name krb5int_hash_iov) and make krb5int_c_padding_length take into account the header length. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23388 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30In the des enc_provider decrypt_iov function, count header blocks asGreg Hudson1-1/+1
well as data and padding blocks when checking for correctly padded input. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23387 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Make the crc32 hash provider correctly chain multiple input buffers,Greg Hudson5-12/+13
so that it returns the same result if you pass it one big buffer or many small buffers containing the same data. To do this, change the contract of mit_crc32 so that the cksum parameter is in-out. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23386 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Stream decryption is handled in krb5_k_decrypt_iov; remove someGreg Hudson2-12/+0
lingering checks in the dk and raw aead providers from before that was introduced. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23385 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Fix memory leakSam Hartman1-1/+2
ticket: 6585 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23384 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-30Terminate the loop in find_authdata_1 if we get an error in one of theGreg Hudson1-1/+1
iterations. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23382 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-29Remove the non-iov entry point introduced in r23378, since it's easyGreg Hudson6-70/+13
to use the iov entry point at both call sites. Rename the iov entry point to remove the "_iov" suffix since it's no longer needed to disambiguate. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23381 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-29Avoid using strncpy in the production of the arcfour salt because itGreg Hudson1-4/+3
produces a (spurious) Coverity defect. Fix a memory leak in krb5int_arcfour_encrypt. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23380 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-29Add do-while(0) around multi-statement macros in f_tables.h for moreGreg Hudson1-44/+48
consistent and elegant emacs auto-formatting. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23379 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-28Create functional internal interfaces to allow GSSAPI to performGreg Hudson8-147/+143
arcfour encryption of GSS tokens. This factors out derivation of the usage and encryption keys, and removes the need for the provider structures to be visible to all of krb5 via k5-int.h. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23378 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-28Clean up the arcfour token encryption and decryption functions byGreg Hudson3-404/+272
making use of newer convenience functions and by factoring out the derivation of the usage and encryption keys. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23377 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-28Add a convenience inline function in k5-int.h to initialize aGreg Hudson1-0/+13
krb5_data structure with allocated memory. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23376 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-28Mark and reindent lib/cryptoGreg Hudson173-7792/+7932
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23374 dc483132-0cff-0310-8789-dd5450dbe970
2009-11-27Add krb5_key versions of the auth context key accessors, and use themGreg Hudson4-29/+51
to simplify the gss-krb5 code a little bit. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23372 dc483132-0cff-0310-8789-dd5450dbe970
generated by cgit v1.1 at 2024-07-09 00:22:42 +0000