Nicolas Williams [Tue, 3 Jan 2023 02:50:24 +0000 (20:50 -0600)]
kdc: Quiet warning in FAST unwrap
I believe tgs_ac is not NULL at that location, but ac definitely isn't.
Nicolas Williams [Sat, 31 Dec 2022 06:51:16 +0000 (00:51 -0600)]
negoex: Quiet a static analyzer false positive
Nicolas Williams [Tue, 3 Jan 2023 02:38:24 +0000 (20:38 -0600)]
negoex: Fix use-after-free
Nicolas Williams [Tue, 3 Jan 2023 02:38:02 +0000 (20:38 -0600)]
spnego: Quiet warning in ret_spnego_context()
Nicolas Williams [Wed, 4 Jan 2023 02:48:28 +0000 (20:48 -0600)]
gsskrb5: Add missing error check in cred import
Nicolas Williams [Tue, 3 Jan 2023 02:36:26 +0000 (20:36 -0600)]
gsskrb5: Fix uninit var in acceptor
Nicolas Williams [Tue, 3 Jan 2023 02:34:13 +0000 (20:34 -0600)]
gsskrb5: Fix NULL deref in init_sec_context
Nicolas Williams [Wed, 4 Jan 2023 02:49:14 +0000 (20:49 -0600)]
gss: Fix leaks
Nicolas Williams [Fri, 30 Dec 2022 22:39:00 +0000 (16:39 -0600)]
kadm5: Fix clobbering of interruption code in kadm5_c_iter_principals()
Nicolas Williams [Sat, 31 Dec 2022 01:15:50 +0000 (19:15 -0600)]
kadm5: Export _kadm5 functions for fuzzing
Nicolas Williams [Wed, 4 Jan 2023 02:46:47 +0000 (20:46 -0600)]
hdb: Fix leak in virtual namespaced principals support
Nicolas Williams [Wed, 4 Jan 2023 02:44:30 +0000 (20:44 -0600)]
krb5: Always try mkdir in DIR: ccache (quiet [harmless] TOCTOU warning)
Nicolas Williams [Wed, 4 Jan 2023 02:45:45 +0000 (20:45 -0600)]
krb5: Fix return of pointer to local in krb5_sendauth() (never exercised)
We don't have a caller in-tree that exercises this path.
Nicolas Williams [Wed, 4 Jan 2023 02:45:15 +0000 (20:45 -0600)]
krb5: Fix leaks
Nicolas Williams [Tue, 3 Jan 2023 07:34:03 +0000 (01:34 -0600)]
krb5: Expand breadcrumb commentary in _krb5_get_host_realm_int()
Nicolas Williams [Tue, 3 Jan 2023 07:33:37 +0000 (01:33 -0600)]
krb5: Fix string read overrun (fix #1057)
Nicolas Williams [Sat, 31 Dec 2022 06:52:04 +0000 (00:52 -0600)]
krb5: Fix moduli open file leak
Nicolas Williams [Sat, 31 Dec 2022 06:51:46 +0000 (00:51 -0600)]
krb5: Fix FAST anon PKINIT leak
Nicolas Williams [Tue, 3 Jan 2023 02:31:48 +0000 (20:31 -0600)]
krb5: Quiet static analyzer warning in store.c
Nicolas Williams [Tue, 3 Jan 2023 02:31:20 +0000 (20:31 -0600)]
krb5: Fix ignored error in SCC: ccache
Nicolas Williams [Tue, 3 Jan 2023 02:30:38 +0000 (20:30 -0600)]
krb5: Quiet static analyzer warning in name canon rules
Nicolas Williams [Tue, 3 Jan 2023 02:30:16 +0000 (20:30 -0600)]
krb5: Quiet static analyzer warning in krbhst
Nicolas Williams [Tue, 3 Jan 2023 02:29:32 +0000 (20:29 -0600)]
krb5: Fix NULL deref in KCM: ccache
Nicolas Williams [Tue, 3 Jan 2023 02:29:05 +0000 (20:29 -0600)]
krb5: Fix krb5_copy_context() use-after-free copy-pasto
Nicolas Williams [Wed, 4 Jan 2023 02:41:45 +0000 (20:41 -0600)]
hx509: Fix harmless TOCTOU in load_crl()
Nicolas Williams [Wed, 4 Jan 2023 02:41:13 +0000 (20:41 -0600)]
hx509: Fix ENOMEM free of garbage encoding PKCS#10
Nicolas Williams [Wed, 4 Jan 2023 02:40:02 +0000 (20:40 -0600)]
hx509: Fix leak in templated certificates
Nicolas Williams [Wed, 4 Jan 2023 02:39:35 +0000 (20:39 -0600)]
hx509: Quiet static analyzer false positives
Nicolas Williams [Wed, 4 Jan 2023 02:43:15 +0000 (20:43 -0600)]
hcrypto: Fix integer underflow in rsa-ltm.c
Nicolas Williams [Fri, 30 Dec 2022 22:38:55 +0000 (16:38 -0600)]
hcrypto: Fix warning in HMAC_Init_ex()
Nicolas Williams [Wed, 4 Jan 2023 02:38:00 +0000 (20:38 -0600)]
asn1: Fix ENOMEM leak in der_print_bit_string()
Nicolas Williams [Fri, 30 Dec 2022 22:38:38 +0000 (16:38 -0600)]
asn1: Remove unused variable assignment in main.c
Nicolas Williams [Wed, 4 Jan 2023 02:37:26 +0000 (20:37 -0600)]
base: Fix use-after-free in heim_path_vcreate()
Nicolas Williams [Wed, 4 Jan 2023 02:22:32 +0000 (20:22 -0600)]
base: Fix use-after-free db.c (mostly unused in prod)
We only use `db` for an2ln testing.
Nicolas Williams [Fri, 30 Dec 2022 22:38:30 +0000 (16:38 -0600)]
base: Remove unused variable assignment in JSON string parsing
Nicolas Williams [Fri, 30 Dec 2022 22:38:13 +0000 (16:38 -0600)]
wind: Check for integer overflow in idn-lookup utility
Nicolas Williams [Sat, 31 Dec 2022 06:50:10 +0000 (00:50 -0600)]
sl: Fix leak
Nicolas Williams [Wed, 4 Jan 2023 02:21:47 +0000 (20:21 -0600)]
roken: Fix FD and memory leaks in rk_undumptext()
Nicolas Williams [Wed, 4 Jan 2023 02:19:47 +0000 (20:19 -0600)]
roken: Fix base32/64 decode slowness
Nicolas Williams [Wed, 4 Jan 2023 02:18:17 +0000 (20:18 -0600)]
roken: Quiet warnings at mergesort callers
Some static analyzers can't tell that mergesort_r() isn't outputting
freed memory.
Nicolas Williams [Sat, 31 Dec 2022 01:16:51 +0000 (19:16 -0600)]
roken: Move an #endif in issuid() to avoid dead code
Nicolas Williams [Fri, 30 Dec 2022 22:38:07 +0000 (16:38 -0600)]
roken: Fix leak in new undump_not_file()
Brian May [Thu, 25 Aug 2022 23:15:13 +0000 (09:15 +1000)]
Build rk_closefrom even if including in libc
Nicolas Williams [Sat, 31 Dec 2022 01:15:16 +0000 (19:15 -0600)]
kdc: Make path to MIT Kerberos for testing configurable
Nicolas Williams [Sat, 31 Dec 2022 01:15:06 +0000 (19:15 -0600)]
cf: Make path to MIT Kerberos for testing configurable
Nicolas Williams [Tue, 3 Jan 2023 03:51:36 +0000 (21:51 -0600)]
GHA: Fix Coverity build
Nicolas Williams [Fri, 30 Dec 2022 04:27:42 +0000 (22:27 -0600)]
krb5: Fix(?) st_nlink check in fcache.c
We have a check for symlinks and hardlinks so that we refuse to open
ccaches through symlinks or which have hardlinks. This check is too
strict, checking for `st_nlink != 1`, which runs into trouble when a
ccache is mounted as a file into a container, in which case `stat(2)`
reports it as having zero links.
The fix is to check for `st_nlink > 1`:
- if (sb2.st_nlink != 1) {
+ if (sb2.st_nlink > 1) {
krb5_set_error_message(context, EPERM, N_("Refuses to open hardlinks for caches FILE:%s", ""), filename);
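Review bot: The relaxed comparison in `if (sb2.st_nlink > 1)` now admits a zero link count alongside one, which is the container bind-mount case the message describes, but nothing in the hunk records why; a one-line comment beside the check (zero links is legitimate for a ccache mounted as a file into a container) would keep a later cleanup from tightening it back to `!= 1`. The error text "Refuses to open hardlinks" still describes the `> 1` case accurately, so it can stay as is.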
Though I question the utility of the hardlink check. MIT Kerberos
doesn't have it.
Brian May [Wed, 23 Nov 2022 22:02:08 +0000 (09:02 +1100)]
Increment hcrypto library version
Nicolas Williams [Thu, 29 Dec 2022 18:20:19 +0000 (12:20 -0600)]
kadm5: Fix #1055
Nicolas Williams [Fri, 23 Dec 2022 00:14:07 +0000 (18:14 -0600)]
kadm5: Add better fuzz inputs
Nicolas Williams [Thu, 22 Dec 2022 23:55:13 +0000 (17:55 -0600)]
krb5: Better checking for storage EOF
Nicolas Williams [Thu, 22 Dec 2022 05:42:34 +0000 (23:42 -0600)]
kadm5: Add a fuzzer input for test_marshall
TODO:
- Add more inputs.
Nicolas Williams [Thu, 22 Dec 2022 04:46:07 +0000 (22:46 -0600)]
roken: Use calloc() for overflow det. in hex_encode
Using calloc() means setting errno on overflow instead of not.
Stefan Metzmacher [Thu, 22 Dec 2022 10:45:10 +0000 (11:45 +0100)]
heimbase-atomics: let heim_base_atomic_* use 'long' instead of 'int' on AIX
As the atomics are signed on AIX, we better try to use the largest
possible max value.
The 'int' API uses 32-bit values for both 32-bit and 64-bit binaries:
typedef int *atomic_p;
int fetch_and_add(atomic_p addr, int value);
The 'long' API uses 32-bit values for 32-bit binaries and 64-bit values
for 64-bit binaries:
typedef long *atomic_l;
long fetch_and_addlp(atomic_l addr, long value);
So we better use the 'long' API in order to avoid any potential
problems with the heim_base_atomic_integer_max magic value, where
INT[32]_MAX would be a little bit low compared to 64-bit pointer space.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 22 Dec 2022 10:36:06 +0000 (11:36 +0100)]
heimbase-atomics: fix heim_base_atomic_* on AIX
The API looks like this on AIX:
typedef int *atomic_p;
int fetch_and_add(atomic_p addr, int value);
The strange thing is that the xlc compiler ignores missing arguments by
default. (It warns but doesn't fail to compile)
As a result the value argument was just uninitialized memory,
which means that the ref_cnt variable of struct heim_base
gets unpredictable values during heim_retain() and heim_release(),
resulting in memory leaks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Nicolas Williams [Thu, 22 Dec 2022 00:23:32 +0000 (18:23 -0600)]
bx509d: Fix tests skipping on OS X
Nicolas Williams [Wed, 21 Dec 2022 23:57:41 +0000 (17:57 -0600)]
kadm5: Add test_marshall program
The lib/kadm5/test_marshall program allows one to construct and check
encodings for various struct types for which we have
{kadm5,krb5}_{ret,store}_<type>() functions.
Currently supported are:
- krb5_keyblock
- krb5_principal
- krb5_times
- krb5_address
- krb5_addresses
- krb5_authdata
- krb5_creds
- krb5_key_data
- krb5_tl_data
- kadm5_principal_ent_rec
With this we'll be able to a) construct test vectors, and b) use those to
drive fuzzing with AFL or other fuzzers.
Nicolas Williams [Wed, 21 Dec 2022 04:22:06 +0000 (22:22 -0600)]
roken: Add rk_undumptext() and support ttys and such
Add rk_undumptext(), which NUL-terminates the contents it reads.
rk_undumptext(), and now also rk_undumpdata(), can read from regular and
non-regular files (e.g., ttys, pipes, devices, but -on Windows- not
sockets).
This means that `asn1_print` can now read from `/dev/stdin`, which can
be a pipe.
There's a way to set a limit on how much to read from non-regular files,
and that limit defaults to 10MB.
At any rate, the rk_dumpdata(), rk_undumpdata(), and rk_undumptext() functions
really do not belong in lib/roken but in lib/base. There are other utility
functions in lib/roken that don't belong there too. A rationalization of the
split between lib/roken and lib/base is overdue. And while we're at it -lest I
forget- it'd be nice to move all the krb5_storage functions out of lib/krb5 and
into lib/base, as those could come in handy for, e.g., implementing OpenSSH
style certificates and other things outside the krb5 universe.
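Added illustration of the read-to-EOF-with-a-cap behaviour described above for rk_undumptext(); this is example code, not roken's, and `read_all_text`, `roundtrip_check` and the 4096-byte starting buffer are assumptions.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical sketch (not roken's code) of the behaviour described above:
 * slurp a descriptor that may be a regular file or a pipe/tty, reading at
 * most limit+1 bytes from anything non-regular, and NUL-terminate it. */
static int
read_all_text(int fd, size_t limit, char **out, size_t *outlen)
{
    struct stat st;
    size_t cap = 0, len = 0;
    char *buf = NULL, *tmp;
    ssize_t n;
    *out = NULL; *outlen = 0;
    if (fstat(fd, &st) == -1)
        return errno;
    if (S_ISREG(st.st_mode) && (size_t)st.st_size > limit)
        return EFBIG;                  /* regular file: size is known up front */
    for (;;) {
        if (len == cap) {              /* buffer full: overrun, or grow it */
            if (cap > limit) { free(buf); return EFBIG; }
            cap = cap ? cap * 2 : (st.st_size > 0 ? (size_t)st.st_size : 4096);
            if (cap > limit + 1) cap = limit + 1;   /* room for one byte too many */
            if ((tmp = realloc(buf, cap + 1)) == NULL) { free(buf); return ENOMEM; }
            buf = tmp;
        }
        n = read(fd, buf + len, cap - len);   /* read(2), never net_read() */
        if (n < 0) { free(buf); return errno; }
        if (n == 0) break;             /* EOF: file end, or pipe writer closed */
        len += (size_t)n;
    }
    buf[len] = '\0';                   /* the "text" guarantee */
    *out = buf; *outlen = len;
    return 0;
}

/* Self-check: push a constructed message through a pipe (non-regular per
 * fstat) and read it back.  0 = intact, EFBIG = over the limit, -1 = mismatch. */
static int
roundtrip_check(const char *msg, size_t limit)
{
    int fds[2], ret;
    char *text;
    size_t len;
    if (pipe(fds) == -1) return errno;
    if (write(fds[1], msg, strlen(msg)) != (ssize_t)strlen(msg)) { close(fds[0]); close(fds[1]); return EIO; }
    close(fds[1]);                     /* writer done: reader will see EOF */
    ret = read_all_text(fds[0], limit, &text, &len);
    close(fds[0]);
    if (ret == 0) {
        ret = (len == strlen(msg) && strcmp(text, msg) == 0) ? 0 : -1;
        free(text);
    }
    return ret;
}
```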
Nicolas Williams [Wed, 21 Dec 2022 04:19:39 +0000 (22:19 -0600)]
roken: Do not use net_read() for regular files!
The bug fixed herein almost certainly means that PKINIT was never
working on Windows, since lib/hx509 uses rk_undumpdata() to read regular
files containing certificates and keys, but then since rk_undumpdata()
was using net_read(), that can't have worked. On Windows net_read()
insists on the FD being a socket, and because of winsock, the namespaces
of socket and file descriptors on Windows are distinct.
Nicolas Williams [Tue, 20 Dec 2022 00:06:24 +0000 (18:06 -0600)]
kadmind: Fix uninitialized heap pointer use (#1051)
Nicolas Williams [Mon, 19 Dec 2022 23:54:11 +0000 (17:54 -0600)]
doc: Fix dvi/pdf/ps build
Nicolas Williams [Mon, 19 Dec 2022 22:27:28 +0000 (16:27 -0600)]
hx509: Add content and some EXAMPLES to hxtool(1)
hxtool is a very useful command, with a very user-friendly interface, at
least compared to OpenSSL's openssl(1). We should document it better.
Currently there are no manual pages for hxtool(1)'s subcommands, though
their --help message is pretty self-explanatory. Now the hxtool(1) page
provides better clues to the user, including examples.
Nicolas Williams [Mon, 19 Dec 2022 22:26:03 +0000 (16:26 -0600)]
hx509: Add hxtool cc --no-root-certs, --no-private-keys, and --append options
Nicolas Williams [Mon, 19 Dec 2022 22:24:23 +0000 (16:24 -0600)]
hx509: Add HX509_CERTS_STORE_NO_ROOTS flag
This will allow us to add a --no-roots option to
hxtool copy-certificate
which is convenient when copying certificate chains from stores that may
include root CA certificates.
Nicolas Williams [Mon, 19 Dec 2022 22:23:03 +0000 (16:23 -0600)]
hx509: Don't check if non-self-signed certs have a self-signing capable signature alg
We don't need the _hx509_self_signed_valid() check if the certificate is
not self-signed.
Nicolas Williams [Mon, 19 Dec 2022 22:21:39 +0000 (16:21 -0600)]
hx509: Add hx509_cert_is_{ca,root,self_signed}()
These are convenient utility functions.
Nicolas Williams [Wed, 14 Dec 2022 17:57:55 +0000 (11:57 -0600)]
base: Do not include config.h twice
Nicolas Williams [Tue, 29 Nov 2022 22:17:45 +0000 (16:17 -0600)]
bx509d: Add test of IPC CSR authorizer
We have a CSR authorizer plugin for calling to an IPC service.
In this commit we add a test implementation of such a service.
We also remove the simple_csr_authorizer plugin and fold its
functionality into the new test_csr_authorizer functionality.
Nicolas Williams [Tue, 29 Nov 2022 00:12:04 +0000 (18:12 -0600)]
bx509d: /get-tgts: Allow piecemeal authorization
We use the CSR authorizer system for /get-tgt and /get-tgts because,
well, the CSR authorizer system knows how to deal with principal names
("PKINIT SANs").
The caller of the /get-tgts end-point is a batch API that is meant for
super-user clients that implement orchestration for automation. For
this end-point it's important to be able to return TGTs for just the
requested principals that are authorized rather than fail the whole
request because one principal isn't. A principal might be rejected by
the authorizer if, for example, it's not meant to exist, and that might
be desirable because "synthetic" HDB entries might be configured, and we
might not want principals that don't exist to appear to exist for such
an orchestration service.
The hx509 CSR related functions allow one to mark specific requested
EKUs and SANs as authorized or not. Until now we have simply rejected
all requests that don't have all attributes approved, but for /get-tgts
we need partial request approval. This commit implements partial
request approval for the /get-tgts end-point.
Nicolas Williams [Tue, 6 Dec 2022 21:15:45 +0000 (15:15 -0600)]
bx509d: Set log destination
Nicolas Williams [Wed, 30 Nov 2022 15:32:54 +0000 (09:32 -0600)]
bx509d: Fix leak of error messages
Nicolas Williams [Fri, 9 Dec 2022 02:13:44 +0000 (20:13 -0600)]
roken: Add easprintf() and evasprintf() utils
Like emalloc() and ecalloc(): errx on ENOMEM.
Nicolas Williams [Thu, 8 Dec 2022 19:20:58 +0000 (13:20 -0600)]
Do not include config.h in heimbase.h (fix #447)
We can't include config.h in public headers, as config.h is not public.
This reverts part of commit
a8f0905b71e103332f6705ffcbcab0a7768a809e.
Nicolas Williams [Thu, 8 Dec 2022 03:39:20 +0000 (21:39 -0600)]
base: Make heim_log_ref() thread-safe (fix build)
Nicolas Williams [Thu, 8 Dec 2022 03:26:01 +0000 (21:26 -0600)]
kadmin: Support heredocs better to speed up tests
Now we can use heredocs to execute multiple kadmin commands with just
one `execve()`:
```
${kadmin} <<EOF || exit 1
init ...
add ...
...
EOF
```
This will allow tests to use heredocs in setting up an HDB so as to go a
bit faster.
Nicolas Williams [Tue, 6 Dec 2022 21:15:15 +0000 (15:15 -0600)]
base: Make heim_log_ref() thread-safe
This is necessary to make multiple `krb5_context`s able to share a
log facility.
Nicolas Williams [Thu, 8 Dec 2022 03:25:37 +0000 (21:25 -0600)]
sl: Unknown commands -> error
This will allow typos in kadmin heredocs in scripts to cause kadmin to
exit with a non-zero status code.
Nicolas Williams [Thu, 8 Dec 2022 03:24:51 +0000 (21:24 -0600)]
sl: Support continued line inputs for heredocs
This will allow kadmin to support heredocs, which will speed up testing.
Nicolas Williams [Tue, 29 Nov 2022 23:57:14 +0000 (17:57 -0600)]
hx509: Return better error in CSR authorization functions
Nicolas Williams [Wed, 30 Nov 2022 06:28:18 +0000 (00:28 -0600)]
hx509: Export missing CSR authz symbols
Nicolas Williams [Tue, 6 Dec 2022 05:01:32 +0000 (23:01 -0600)]
gss-token: Fix acceptor context leak
Nicolas Williams [Wed, 30 Nov 2022 17:22:22 +0000 (11:22 -0600)]
asn1: Template CHOICE element 0 bug
While we no longer have a decoder CHOICE element 0 bug, we did still
have one in encode, copy, and free that was leading to a memory leak (and
_save trashing) prior to the fix for
asn1: Fix 1-byte leaks in der_copy_octet_string()
This commit fixes that.
Nicolas Williams [Wed, 30 Nov 2022 16:48:48 +0000 (10:48 -0600)]
asn1: Fix 1-byte leaks in der_copy_octet_string()
We sometimes do things like `memset(&cert, 0, sizeof(cert))` then
`copy_Certificate(&cert, &cert_copy)`, and then we end up leaking a
byte in `der_copy_octet_string()` due to it having this code:
```C
der_copy_octet_string (const heim_octet_string *from, heim_octet_string *to)
{
assert(from->length == 0 || (from->length > 0 && from->data != NULL));
if (from->length == 0)
to->data = calloc(1, 1);
else
to->data = malloc(from->length);
...
}
```
The traces where this happens always involve the `_save` field of
`Name` or `TBSCertificate`.
This code was assuming that length 0 octet strings are expected to have
a non-NULL `data`, probably in case the C library's allocator returns
non-NULL pointers for `malloc(0)`, but then, why not just call
`malloc(0)`? But calling `malloc(0)` would then still lead to this leak
on such systems.
Now, `der_free_octet_string()` does unconditionally `free()` the
string's `data`, so the leak really is not there but elsewhere, probably
in `lib/asn1/template.c:_asn1_free()`, but it clearly does
`der_free_octet_string()` the `_save` field of types that have it.
Nicolas Williams [Tue, 29 Nov 2022 23:55:06 +0000 (17:55 -0600)]
ipc: Exclude UNIX: prefix in socket name
Otherwise we don't format the same socket name as the client.
Nicolas Williams [Tue, 29 Nov 2022 23:54:19 +0000 (17:54 -0600)]
roken: Add trailing / to PID file DIR path
Otherwise if $HEIM_PIDFILE_DIR doesn't end in / then the pidfile gets
created in the parent.
Luke Howard [Sat, 26 Nov 2022 11:38:31 +0000 (22:38 +1100)]
asn1: ensure quoting of default string values
5398425c introduced support for propagating ASN.1 default values to the emitted
JSON, but it neglected to quote string values, which caused ASN.1 parsing
errors. Correct this.
Nicolas Williams [Tue, 22 Nov 2022 21:32:43 +0000 (15:32 -0600)]
hx509: Get i2d_PUBKEY() prototype from correct header
Nicolas Williams [Sun, 20 Nov 2022 04:03:50 +0000 (22:03 -0600)]
kdc: OpenSSL 3.0 support
Nicolas Williams [Sat, 19 Nov 2022 21:09:47 +0000 (15:09 -0600)]
krb5: OpenSSL 3.0 support
Nicolas Williams [Sat, 19 Nov 2022 05:31:51 +0000 (23:31 -0600)]
hx509: OpenSSL 3.0 support
Nicolas Williams [Sun, 20 Nov 2022 06:30:13 +0000 (00:30 -0600)]
hx509: PKCS#12 missing error check
Nicolas Williams [Sun, 20 Nov 2022 05:43:27 +0000 (23:43 -0600)]
hx509: Pass PKCS#8 keys to lower layers
OpenSSL's d2i_ECPrivateKey() is deprecated, so we have to use
d2i_PrivateKey(), but d2i_PrivateKey() wants the whole PKCS#8 blob so it
can know what kind of key it is. So we need to let the hx509 EC layer
get that blob. The internal APIs need some refactoring, so for now we
use a hack where we try to parse the private key with and without the
PKCS#8 wrapper.
Nicolas Williams [Fri, 18 Nov 2022 01:00:49 +0000 (19:00 -0600)]
hcrypto: Use builtin 1DES/RC2/RC4 (OpenSSL 3)
At some point before we make an 8.0 release we'll probably just remove
all the legacy, weak ciphers and hashes (except MD5, most likely).
To drop these we'll have to re-generate PKCS#12 test samples using
stronger PBEs, and possibly add new PBE types.
Nicolas Williams [Mon, 21 Nov 2022 20:24:31 +0000 (14:24 -0600)]
hcrypto: Fix EVP_CipherUpdate() bugs
Nicolas Williams [Fri, 18 Nov 2022 00:57:35 +0000 (18:57 -0600)]
hcrypto: OpenSSL's EVP_Cipher() returns a length
Nicolas Williams [Mon, 21 Nov 2022 18:09:07 +0000 (12:09 -0600)]
cf: Check for OpenSSL FIPS
Nicolas Williams [Mon, 21 Nov 2022 18:06:59 +0000 (12:06 -0600)]
cf: Check for OpenSSL 3.0
This check is admittedly lame. But it's all I have time for at the
moment. A better check would be a program that includes the correct
headers and succeeds if the OpenSSL version macro indicates it's at
3.0 or higher. Or perhaps we could run the openssl(1) version command-
line and parse its output. But checking for functions that are in 3.0
and not 1.1 will do for the time being.
Nicolas Williams [Thu, 17 Nov 2022 18:56:20 +0000 (12:56 -0600)]
hcrypto: Remove dead MD2 code
Stefan Metzmacher [Thu, 3 Mar 2022 16:28:24 +0000 (17:28 +0100)]
lib/krb5: remove dead code from pk_verify_host()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Stefan Metzmacher [Thu, 3 Mar 2022 16:26:57 +0000 (17:26 +0100)]
lib/krb5: remove unused krb5_krbhst_info argument of pk_verify_host()
Signed-off-by: Stefan Metzmacher <metze@samba.org>