Commit Graph

84 Commits

Author SHA1 Message Date
Xin LI
49426905b3 MFV r320905: Import upstream fix for CVE-2017-11103.
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'.  Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.

Submitted by:	hrs
Obtained from:	Heimdal
Security:	FreeBSD-SA-17:05.heimdal
Security:	CVE-2017-11103
2017-07-12 07:19:06 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Ed Maste
4620ba2e32 Remove duplicate symbol from libhx509 version-script.map
Upstream commit r21331 (7758a5d0) added semiprivate function
_hx509_request_to_pkcs10 twice. This change has been committed upstream
as 8ef0071d.
2016-08-22 18:50:57 +00:00
Ed Maste
bb04182c90 Remove duplicate symbols from libroken version-script.map
Upstream commit r24759 (efed563) prefixed some symbols with rk_, but
introduced 6 duplicate symbols in the version script (because the
rk_-prefixed versions of the symbols were already present).
2016-07-21 18:12:39 +00:00
Conrad Meyer
f74fc68670 libkrb5: Fix potential double-free
If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed
memory and then be double-freed.  After freeing it the first time, initialize
it to NULL, which causes subsequent krb5_free_principal calls to do the right
thing.

Reported by:	Coverity
CID:		1273430
Sponsored by:	EMC / Isilon Storage Division
2016-05-11 23:25:59 +00:00
Glen Barber
28c80a7dd8 Include the gssapi_krb5 library in KRB5_LDFLAGS.
PR:		156245
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2014-09-08 19:00:13 +00:00
Warner Losh
3bdf775801 NO_MAN= has been deprecated in favor of MAN= for some time, go ahead
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
2014-04-13 05:21:56 +00:00
Benjamin Kaduk
0782240958 Apply patch from upstream Heimdal for encoding fix
RFC 4402 specifies the implementation of the gss_pseudo_random()
function for the krb5 mechanism (and the C bindings therein).
The implementation uses a PRF+ function that concatenates the output
of individual krb5 pseudo-random operations produced with a counter
and seed.  The original implementation of this function in Heimdal
incorrectly encoded the counter as a little-endian integer, but the
RFC specifies the counter encoding as big-endian.  The implementation
initializes the counter to zero, so the first block of output (16 octets,
for the modern AES enctypes 17 and 18) is unchanged.  (RFC 4402 specifies
that the counter should begin at 1, but both existing implementations
begin with zero and it looks like the standard will be re-issued, with
test vectors, to begin at zero.)

This is upstream's commit f85652af868e64811f2b32b815d4198e7f9017f6,
from 13 October, 2013:
% Fix krb5's gss_pseudo_random() (n is big-endian)
%
% The first enctype RFC3961 prf output length's bytes are correct because
% the little- and big-endian representations of unsigned zero are the
% same.  The second block of output was wrong because the counter was not
% being encoded as big-endian.
%
% This change could break applications.  But those applications would not
% have been interoperating with other implementations anyways (in
% particular: MIT's).

Approved by:	hrs (mentor, src committer)
MFC after:	3 days
2013-12-13 03:09:29 +00:00
Hiroki Sato
3fbceebb4a Fix gssapi/gssapi_krb5.h after Heimdal 1.5.1 import.
Reviewed by:	dfr
2013-06-30 07:46:22 +00:00
Bjoern A. Zeeb
9c91c227c7 Have the ipropd-master listen on an IPv6 socket in addition to an IPv4
socket to allow propagation of changes to a Heimdal Kerberos database
from the KDC master to the slave(s) work on IPv6 as well.

Update the stats logging to also handle IPv6 addresses.

Reported by:		peter (found on FreeBSD cluster)
X-to-be-tested-by:	peter
MFC after:		3 weeks
2013-05-18 18:01:21 +00:00
Dimitry Andric
d2a99d8189 Import change 6d783560e4aad1e680097d11e89755647a5aba87 from upstream
heimdal:

  fix sizeof(uuid)

Found by:	clang ToT
Reviewed by:	stas
2013-02-19 17:38:18 +00:00
Pedro F. Giffuni
646a7fea0c Clean some 'svn:executable' properties in the tree.
Submitted by:	Christoph Mallon
MFC after:	3 days
2013-01-26 22:08:21 +00:00
Eitan Adler
37a6031461 Clean up hardcoded ar(1) flags in the tree to use the global ARFLAGS in
share/mk/sys.mk instead.

This is part of a medium term project to permit deterministic builds of
FreeBSD.

Submitted by:	Erik Cederstrand <erik@cederstrand.dk>
Reviewed by:	imp, toolchain@
Approved by:	cperciva
MFC after:	2 weeks
2012-12-06 01:31:25 +00:00
Dimitry Andric
ea74d89cf2 In crypto/heimdal/lib/sl/slc-lex.l, don't define YY_NO_INPUT, since
%option nounput is already specified.

MFC after:	3 days
2012-11-14 18:49:03 +00:00
Stanislav Sedov
cf771f223b - Update FreeBSD's Heimdal distribution to 1.5.2. This is a bugfix
release, which fixes a DoS issue in libkrb5.
2012-04-08 08:19:17 +00:00
Stanislav Sedov
ae77177087 - Update FreeBSD Heimdal distribution to version 1.5.1. This also brings
several new kerberos related libraries and applications to FreeBSD:
  o kgetcred(1) allows one to manually get a ticket for a particular service.
  o kf(1) securily forwards ticket to another host through an authenticated
    and encrypted stream.
  o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
    and other user kerberos operations. klist and kswitch are just symlinks
    to kcc(1) now.
  o kswitch(1) allows you to easily switch between kerberos credentials if
    you're running KCM.
  o hxtool(1) is a certificate management tool to use with PKINIT.
  o string2key(1) maps a password into key.
  o kdigest(8) is a userland tool to access the KDC's digest interface.
  o kimpersonate(8) creates a "fake" ticket for a service.

  We also now install manpages for some lirbaries that were not installed
  before, libheimntlm and libhx509.

- The new HEIMDAL version no longer supports Kerberos 4.  All users are
  recommended to switch to Kerberos 5.

- Weak ciphers are now disabled by default.  To enable DES support (used
  by telnet(8)), use "allow_weak_crypto" option in krb5.conf.

- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
  disabled due to the function they use (krb5_get_err_text(3)) being
  deprecated.  I plan to work on this next.

- Heimdal's KDC now require sqlite to operate.  We use the bundled version
  and install it as libheimsqlite.  If some other FreeBSD components will
  require it in the future we can rename it to libbsdsqlite and use for these
  components as well.

- This is not a latest Heimdal version, the new one was released while I was
  working on the update.  I will update it to 1.5.2 soon, as it fixes some
  important bugs and security issues.
2012-03-22 08:48:42 +00:00
Colin Percival
3e65b9c6e6 Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
2011-12-23 15:00:37 +00:00
Stanislav Sedov
31f1e9c17f - Flatten the vendor heimdal tree. 2011-09-29 05:23:57 +00:00
Ben Laurie
198a158f99 Fix clang warning (why is there nowhere yyparse() is declared?).
Approved by:	philip (mentor)
2011-05-18 20:57:23 +00:00
Brooks Davis
2f70892f19 The size of credential messages is limited by CMGROUP_MAX rather than
NGROUPS.

MFC after:	1 week
2010-01-03 20:45:49 +00:00
Doug Rabson
33f1219925 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
Doug Rabson
c19800e8cd Vendor import of Heimdal 1.1 2008-05-07 13:39:42 +00:00
Doug Rabson
4fe54d7c6a This commit was generated by cvs2svn to compensate for changes in r178825,
which included commits to RCS files with non-trunk default branches.
2008-05-07 13:39:42 +00:00
Peter Wemm
d0a6d5e51e Remove _FREEFALL_CONFIG hacks. su+pam_ksu works well enough to use on
the freebsd.org cluster.
2007-10-18 19:36:31 +00:00
Doug Rabson
17ed18fef3 Fix the amd64 (and presumably ia64) lib32 build by ensuring that the
heimdal GSS-API mechanism uses its own version of gssapi.h, including all
the implementation-dependant pollution contained therein.

This moves the file off the vendor branch, sadly.

Submitted by: bz
2006-01-02 11:28:42 +00:00
Ken Smith
2672e71736 This is sort of an MFS. Peter made these changes to the RELENG_*
branches but missed HEAD.  This patch extends his a little bit,
setting it up via the Makefiles so that adding _FREEFALL_CONFIG
to /etc/make.conf is the only thing needed to cluster-ize things
(current setup also requires overriding CFLAGS).

From Peter's commit to the RELENG_* branches:
> Add the freebsd.org custer's source modifications under #ifdefs to aid
> keeping things in sync.  For ksu:
> * install suid-root by default
> * don't fall back to asking for a unix password (ie: be pure kerberos)
> * allow custom user instances for things like www and not just root

The Makefile tweaks will be MFC-ed, the rest is already done.

MFC after:      3 days
Approved by:    re (dwhite)
2005-07-07 14:16:38 +00:00
Jacques Vidrine
8d4ba808a5 Vendor import of Heimdal 0.6.3. 2005-02-24 22:22:53 +00:00
Jacques Vidrine
f65ab5f283 This commit was generated by cvs2svn to compensate for changes in r142403,
which included commits to RCS files with non-trunk default branches.
2005-02-24 22:22:53 +00:00
Jacques Vidrine
d526eb91a6 Do not include lib/kdfs in future imports. 2005-02-24 22:17:13 +00:00
Jacques Vidrine
e30f8e817e Remove lib/kdfs from vendor branch: we do not build it, and it will not
be included in future imports.
2005-02-24 22:16:35 +00:00
Jacques Vidrine
a43dbe2565 Clean up the Heimdal vendor branch by removing files not included in
any import for several years.

If memory serves, this was
Suggested by:	ru
an awfully long time ago-- sorry for the delay!
2005-02-24 22:14:04 +00:00
Jacques Vidrine
a0c37ec326 Resolve conflicts after import of Heimdal 0.6.1. 2004-04-03 21:31:10 +00:00
Jacques Vidrine
1c43270ada Vendor import of Heimdal 0.6.1. 2004-04-03 21:22:55 +00:00
Jacques Vidrine
090bc474c9 This commit was generated by cvs2svn to compensate for changes in r127808,
which included commits to RCS files with non-trunk default branches.
2004-04-03 21:22:55 +00:00
Jacques Vidrine
855f569304 Correct badly-formed code (missing quote) within `#if 0' section.
Newer versions of GCC error in such situations.

Obtained from:	Heimdal CVS
2003-10-09 19:52:14 +00:00
Jacques Vidrine
8fc52f5387 This commit was generated by cvs2svn to compensate for changes in r120952,
which included commits to RCS files with non-trunk default branches.
2003-10-09 19:52:14 +00:00
Jacques Vidrine
2d4851347d Resolve conflicts after import of Heimdal 0.6. 2003-10-09 19:42:07 +00:00
Jacques Vidrine
bbd80c285e Vendor import of Heimdal 0.6. 2003-10-09 19:36:20 +00:00
Jacques Vidrine
83dff030ab This commit was generated by cvs2svn to compensate for changes in r120945,
which included commits to RCS files with non-trunk default branches.
2003-10-09 19:36:20 +00:00
Jacques Vidrine
6b1b07dfa1 Add list of files to remove from the Heimdal distribution prior to
each import.
2003-10-09 19:35:38 +00:00
Jacques Vidrine
4f62b1068d Add a missing include, needed to get a prototype for `des_read_pw_string'.
This is particularly important for OpenSSL 0.9.7, as `des_read_pw_string'
is a macro there.  (This fix brought in on the vendor branch, because I
already committed it to Heimdal's CVS.)
2003-01-21 14:19:06 +00:00
Jacques Vidrine
87fd161364 This commit was generated by cvs2svn to compensate for changes in r109641,
which included commits to RCS files with non-trunk default branches.
2003-01-21 14:19:06 +00:00
Jacques Vidrine
5bda878e3e Import of Heimdal 0.5.1.
Approved by:	re
2002-11-24 20:59:25 +00:00
Jacques Vidrine
1036289598 This commit was generated by cvs2svn to compensate for changes in r107207,
which included commits to RCS files with non-trunk default branches.
2002-11-24 20:59:25 +00:00
Assar Westerlund
5ead950622 import 1.27 to fix buffer overflow:
check size of rlen

Obtained from:	Heimdal CVS
2002-10-22 02:13:32 +00:00
Assar Westerlund
0c3bd4ca35 This commit was generated by cvs2svn to compensate for changes in r105672,
which included commits to RCS files with non-trunk default branches.
2002-10-22 02:13:32 +00:00
Jacques Vidrine
1b3f4135a5 Fix an annoying bug that causes a spurious error message when changing
passwords, even when the operation actually succeeded.

    % k5passwd
    luser@REA.LM's Password: **************
    New password: **************
    Verifying password - New password: **************
    k5passwd: krb5_change_password: unable to reach any changepw server  in realm REA.LM

[In reality, the password was changed.]

Obtained from:	Heimdal CVS
2002-09-30 11:48:23 +00:00
Jacques Vidrine
a5573db3bf This commit was generated by cvs2svn to compensate for changes in r104204,
which included commits to RCS files with non-trunk default branches.
2002-09-30 11:48:23 +00:00
Jacques Vidrine
0bd4a81b2e These RFCs and internet-drafts are not really needed in the base
system, and I've not been importing them lately.  cvs rm them now
so they can be cleaned out of the attic later.

Requested by:	obrien
2002-09-18 14:17:14 +00:00
Jacques Vidrine
43a2371256 Resolve conflicts. 2002-09-16 21:07:11 +00:00