summaryrefslogtreecommitdiff
path: root/source4/heimdal/lib/gssapi
AgeCommit message (Collapse)AuthorFilesLines
2008-08-14gsskrb5: always return an acceptor subkeyStefan Metzmacher1-4/+18
For non cfx keys it's the same as the intiator subkey. This matches windows behavior. metze (This used to be commit 6a8b07c39558f240b89e833ecba15d8b9fc020e8)
2008-08-08gsskrb5: try to be compatible with windows for gss_wrap* and cfxStefan Metzmacher2-11/+39
The good thing is that windows and heimdal both use EC=0 in the non DCE_STYLE case, so we need the windows compat hack only in DCE_STYLE mode. metze (This used to be commit 0fa41a94e466d5e11bcf362ccd8ff41b72733d1a)
2008-08-08gsskrb5: add support for DCE_STYLE and des and des3 keysStefan Metzmacher2-22/+64
Only the des keys are tested as windows doesn't support des3 metze (This used to be commit 86848dd0f217774faed81af8fbf68618013e20a1)
2008-08-01heimdal: add missing file heimdal/lib/gssapi/mech/gss_pseudo_random.cStefan Metzmacher1-0/+69
metze (This used to be commit 3bd7e68a5cfe80733782367e327b570d04b21586)
2008-08-01heimdal: update to lorikeet-heimdal rev 801Stefan Metzmacher71-466/+893
metze (This used to be commit d6c54a66fb23c784ef221a3c1cf766b72bdb5a0b)
2008-06-27gsskrb5: just don't force, but allow the flags when GSS_CF_NO_CI_FLAGS is givenStefan Metzmacher1-0/+6
metze (This used to be commit f10c9ca3612d7bdc4c2c221e959f8c48ec2f9349)
2008-06-27gsskrb5: fix gss_krb5_cred_no_ci_flags_x_oid_desc variable nameStefan Metzmacher1-2/+2
metze (This used to be commit d88be1a1cb543b4e2cc5d15262da786558aa276d)
2008-06-02krb5_init_sec_context: skip the token header when GSS_C_DCE_STYLE is specifiedStefan Metzmacher1-5/+11
Windows (and heimdal) accepts packets with token header in the server, but it doesn't match the windows client. We now match the windows client and that fixes also the display in wireshark. metze (This used to be commit 58f66184f0f732a78e86bbb0f3c29e920f086d08)
2008-03-19Merge lorikeet-heimdal -r 787 into Samba4 tree.Andrew Bartlett19-124/+254
Andrew Bartlett (This used to be commit d88b530522d3cef67c24422bd5182fb875d87ee2)
2007-10-10r24614: Merge with current lorikeet-heimdal. This brings us one step closerAndrew Bartlett12-76/+87
to an alpha release. Andrew Bartlett (This used to be commit 30e02747d511630659c59eafec8d28f58605943b)
2007-10-10r23678: Update to current lorikeet-heimdal (-r 767), which should fix theAndrew Bartlett14-121/+136
panics on hosts without /dev/random. Andrew Bartlett (This used to be commit 14a4ddb131993fec72316f7e8e371638749e6f1f)
2007-10-10r23456: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett125-569/+1059
Andrew Bartlett (This used to be commit ae0f81ab235c72cceb120bcdeb051a483cf3cc4f)
2007-10-10r20640: Commit part 2/2Andrew Bartlett52-1347/+1745
Update Heimdal to match current lorikeet-heimdal. This includes integrated PAC hooks, so Samba doesn't have to handle this any more. This also brings in the PKINIT code, hence so many new files. Andrew Bartlett (This used to be commit 351f7040f7bb73b9a60b22b564686f7c2f98a729)
2007-10-10r20139: only add GSS_C_CONF_FLAG and GSS_C_INTEG_FLAG if the caller ↵Stefan Metzmacher1-2/+5
requested it! this is needed to create plain, singed or sealed LDAP connections. this should go into lorikeet and main heimdal... metze (This used to be commit 75c037cae21714e394a63f2506387e1049eb4406)
2007-10-10r19681: Update to current lorikeet-heimdal. I'm looking at using the realmAndrew Bartlett6-116/+179
lookup plugin, the new PAC validation code as well as Heimdal's SPNEGO implementation. Andrew Bartlett (This used to be commit 05421f45ed7811697ea491e26c9d991a7faa1a64)
2007-10-10r19650: Allow Samba to use Heimdal's SPNEGO code. Currently this can onlyAndrew Bartlett2-5/+4
negotiate krb5, but if this works, I'll add NTLM as a GSSAPI backend by some means or other. Andrew Bartlett (This used to be commit 476452e143f61a3878a3646864729daaddccdf68)
2007-10-10r19644: Merge up to current lorikeet-heimdal, incling addingAndrew Bartlett5-22/+100
gsskrb5_set_default_realm(), which should fix mimir's issues. Andrew Bartlett (This used to be commit 8117e76d2adee163925a29df872015ff5021a1d3)
2007-10-10r19633: Merge to lorikeet-heimdal, removing krb5_rd_req_return_keyblock in ↵Andrew Bartlett11-132/+162
favour of a more tasteful replacement. Remove kerberos_verify.c, as we don't need that code any more. Replace with code for using the new krb5_rd_req_ctx() borrowed from Heimdal's accecpt_sec_context.c Andrew Bartlett (This used to be commit 13c9df1d4f0517468c80040d3756310d4dcbdd50)
2007-10-10r19616: the heimdal spnego mech doesn't seem to use roken.h and isn't portableStefan Metzmacher1-0/+2
(it doesn't compile on suse 10.1 because gethostname() isn't found, unistd.h isn't included...) as we don't need the spnego mech, disable it till it gets fixed in heimdal metze (This used to be commit 0a52e11a9c34281c9ea284e007086b2ae6fce6c7)
2007-10-10r19604: This is a massive commit, and I appologise in advance for it's size.Andrew Bartlett130-4915/+16207
This merges Samba4 with lorikeet-heimdal, which itself has been tracking Heimdal CVS for the past couple of weeks. This is such a big change because Heimdal reorganised it's internal structures, with the mechglue merge, and because many of our 'wishes' have been granted: we now have DCE_STYLE GSSAPI, send_to_kdc hooks and many other features merged into the mainline code. We have adapted to upstream's choice of API in these cases. In gensec_gssapi and gensec_krb5, we either expect a valid PAC, or NO PAC. This matches windows behavour. We also have an option to require the PAC to be present (which allows us to automate the testing of this code). This also includes a restructure of how the kerberos dependencies are handled, due to the fallout of the merge. Andrew Bartlett (This used to be commit 4826f1735197c2a471d771495e6d4c1051b4c471)
2007-10-10r18528: work around what appears to be a compiler bug in gcc on irix. ItAndrew Tridgell1-1/+1
caused the RPC-SECRETS test to crash smbd in an inlined version of this memcmp() call. This patch should have absolutely no effect at all, but in fact it prevents the crash. Disassembling at the point of the crash, it shows that gcc is inlining the memcmp(). I don't know enough MIPS assembler to actually spot the bug. In case anyone reading this does know MIPS assembler, here is the gcc generated code that crashes: 0x105e0218 <gssapi_krb5_verify_header+168>: lw $t1,52($sp) 0x105e021c <gssapi_krb5_verify_header+172>: lw $t1,0($t1) 0x105e0220 <gssapi_krb5_verify_header+176>: lhu $t1,0($t1) 0x105e0224 <gssapi_krb5_verify_header+180>: lw $t2,68($sp) 0x105e0228 <gssapi_krb5_verify_header+184>: lhu $t2,0($t2) 0x105e022c <gssapi_krb5_verify_header+188>: subu $t1,$t1,$t2 it gets a segv at 0x105e0220. lha, what do you think of this? The change should be innocuous on all other platforms, apart from making the code harder to read :( (This used to be commit 95455b57893c99d6d2dc20c4f75042ae4c1cfe85)
2007-10-10r18308: get this right ....Andrew Tridgell1-1/+1
(This used to be commit 3697cd6597875fe22f6885ce20612a32d0be2513)
2007-10-10r18300: fixed a type bug in heimdal - lha, you happy with this upstream? ItAndrew Tridgell1-1/+1
showed up on ia_64 systems (This used to be commit 1f38a7ea56944466d90622832e4570dc324adc4e)
2007-10-10r16235: Don't update minor_status when cleaning up on error. This restoresAndrew Bartlett1-2/+2
sensible log messages to gensec_gssapi. Andrew Bartlett (This used to be commit df2e4f061f3bc82930dfcdbb75b775939ae8832e)
2007-10-10r16100: Patch from Michael Wood <mwood@icts.uct.ac.za>: s/then/than/ for ↵Gerald Carter1-2/+2
correct grammar (This used to be commit 26a2fa97e4c819e630bc9b50e11c8d5328c7b8c8)
2007-10-10r16000: - use uint16_t instead of u_int16_tStefan Metzmacher1-5/+6
- use int32_t for seq_number both changes let us use the types which the main heimdal code uses metze (This used to be commit ecff7b70aadb9ac27731a5b44aa20b49ac82321a)
2007-10-10r15993: don't use u_int32_t, as the main heimdal code also don't useStefan Metzmacher2-5/+5
it anymore metze (This used to be commit e1842c9b55ffd0792fea2cff37b812d319c76f1f)
2007-10-10r15515: Syncronsise with current lorikeet-heimdal.Andrew Bartlett2-8/+5
Andrew Bartlett (This used to be commit 0132312124260f74001546a34ff96db89d72b7f6)
2007-10-10r15491: Always initialise is_cfx (found by Valgrind)Andrew Bartlett1-1/+3
Always remember to free the crypto context (found by Luke Howard) (This used to be commit 4b44355d42592f4acaae459c6ae09dd928f083b7)
2007-10-10r15484: Make accept_security_context() more compatible with how Samba3 (andAndrew Bartlett2-15/+44
similarly built clients) behave. This is better than just ignoring the checksum, if it isn't the GSSAPI checksum. (Samba4 clients in Samba3 mode use more than just the MD5 checksum, and will use a signed AES checksum if available. Actual samba3 may well do the same in future, against a suitable KDC). Also a change for easier debugging of checksum issues. Andrew Bartlett (This used to be commit 120374f5f9e9af0653a26e0308e4bfdabbcaa3f3)
2007-10-10r15481: Update heimdal/ to match current lorikeet-heimdal.Andrew Bartlett7-26/+27
This includes many useful upstream changes, many of which should reduce warnings in our compile. It also includes a change to the HDB interface, which removes the need for Samba4/lorikeet-heimdal to deviate from upstream for hdb_fetch(). The new flags replace the old entry type enum. (This required the rework in hdb-ldb.c included in this commit) Andrew Bartlett (This used to be commit ef5604b87744c89e66e4d845f45b23563754ec05)
2007-10-10r15192: Update Samba4 to use current lorikeet-heimdal.Andrew Bartlett6-18/+154
Andrew Bartlett (This used to be commit f0e538126c5cb29ca14ad0d8281eaa0a715ed94f)
2007-10-10r14707: Initialise default value (the rest of this function sets it to 1 ifAndrew Bartlett1-0/+1
this is CFX). Caught by Valgrind. Andrew Bartlett (This used to be commit bdb55ce2b57adf3b7c6eb1455c3775d013c72e5d)
2007-10-10r14198: Update Samba4 to current lorikeet-heimdal.Andrew Bartlett3-5/+10
Andrew Bartlett (This used to be commit 97a0a0e2fa6784e5fc5278f7a15b385ddcb6a3b3)
2007-10-10r13481: As far as I can tell, my changes in -r 12863 were dangerously untested.Andrew Bartlett3-2/+62
We do need the gsskrb5_get_initiator_subkey() routine. But we should ensure that we do always get a valid key, to prevent any segfaults. Without this code, we get a different session key compared with Win2k3, and so kerberised smb signing fails. Andrew Bartlett (This used to be commit cfd0df16b74b0432670b33c7bf26316b741b1bde)
2007-10-10r13144: This seems to be required for Samba4 to talk to Samba4, and to get theAndrew Bartlett1-0/+11
same session key. I need to understand this more, but it works samba/samba, and I don't have access to windows doing AES (longhorn) yet. Andrew Bartlett (This used to be commit 38809b43a5d6bd668e9cb714573dc1e72ceff092)
2007-10-10r12863: As lha suggested to me a while back, it appears that theAndrew Bartlett3-48/+2
gsskrb5_get_initiator_subkey() routine is bougs. We can indeed use gss_krb5_get_subkey(). This is fortunate, as there was a segfault bug in 'initiator' version. Andrew Bartlett (This used to be commit ec11870ca1f9231dd3eeae792fc3268b31477e11)
2007-10-10r12269: Update to current lorikeet-heimdal. This changed the way the hdbAndrew Bartlett2-2/+7
interface worked, so hdb-ldb.c and the glue have been updated. Andrew Bartlett (This used to be commit 8fd5224c6b5c17c3a2c04c7366b7e367012db77e)
2007-10-10r12000: Update to current lorikeet-heimdal, including in particular supportAndrew Bartlett3-4/+14
for referencing an existing in-MEMORY keytab (required for the new way we push that to GSSAPI). Andrew Bartlett (This used to be commit 2426581dfb9f5f0f9367f846c01dfd3c30fea954)
2007-10-10r11995: A big kerberos-related update.Andrew Bartlett8-180/+134
This merges Samba4 up to current lorikeet-heimdal, which includes a replacement for some Samba-specific hacks. In particular, the credentials system now supplies GSS client and server credentials. These are imported into GSS with gss_krb5_import_creds(). Unfortunetly this can't take an MEMORY keytab, so we now create a FILE based keytab as provision and join time. Because the keytab is now created in advance, we don't spend .4s at negprot doing sha1 s2k calls. Also, because the keytab is read in real time, any change in the server key will be correctly picked up by the the krb5 code. To mark entries in the secrets which should be exported to a keytab, there is a new kerberosSecret objectClass. The new routine cli_credentials_update_all_keytabs() searches for these, and updates the keytabs. This is called in the provision.js via the ejs wrapper credentials_update_all_keytabs(). We can now (in theory) use a system-provided /etc/krb5.keytab, if krb5Keytab: FILE:/etc/krb5.keytab is added to the secrets.ldb record. By default the attribute privateKeytab: secrets.keytab is set, pointing to allow the whole private directory to be moved without breaking the internal links. (This used to be commit 6b75573df49c6210e1b9d71e108a9490976bd41d)
2007-10-10r11541: More logical (I think...) delegation semantics.Andrew Bartlett1-10/+14
Andrew Bartlett (This used to be commit 6bb1b244284a209ebcb50c17ad59d4528658da0b)
2007-10-10r11477: This seems really nasty, but as I understand it an attacker cannotAndrew Bartlett1-2/+11
change this checksum, as it is inside the encrypted packets. Where the client (such as Samba3) fakes up GSSAPI, allow it to continue. We can't rid the world of all Samba3 and similar clients... Andrew Bartlett (This used to be commit e60cdb63fb37e44252f83a56a6302f0bd22dec4d)
2007-10-10r11468: Merge a bit more of init_sec_context from Heimdal CVS into ourAndrew Bartlett1-4/+21
DCE_STYLE modified version, and add parametric options to control delegation. It turns out the only remaining issue is sending delegated credentials to a windows server, probably due to the bug lha mentions in his blog (using the wrong key). If I turn delgation on in smbclient, but off in smbd, I can proxy a cifs session. I can't wait till Heimdal 0.8, so I'll see if I can figure out the fix myself :-) Andrew Bartlett (This used to be commit fd5fd03570c13f5644e53ff89ac8eca7c0985740)
2007-10-10r11462: Fix the build: somehow I lost the header for this samba-specific hack.Andrew Bartlett1-0/+2
Andrew Bartlett (This used to be commit 0a4194118974bdde4e10fd32578a5beeb6e768ce)
2007-10-10r11452: Update Heimdal to current lorikeet, including removing the ccache sideAndrew Bartlett8-107/+227
of the gsskrb5_acquire_cred hack. Add support for delegated credentials into the auth and credentials subsystem, and specifically into gensec_gssapi. Add the CIFS NTVFS handler as a consumer of delegated credentials, when no user/domain/password is specified. Andrew Bartlett (This used to be commit 55b89899adb692d90e63873ccdf80b9f94a6b448)
2007-10-10r11392: After confirmation from Love, fix a compiler warningVolker Lendecke1-1/+1
(This used to be commit a0b4036ba6ae423bab3ec698d3e404f03bb0f9d5)
2007-10-10r11317: An ugly hack to setup the global gssapi_krb5_context early, when weAndrew Bartlett2-5/+18
have easy access to the event context. This stops Samba dead-locking against itself when the winbindd client tries to contact the KDC. Andrew Bartlett (This used to be commit 57f811115ed768ea1f170dcd71038398bf2ab6e9)
2007-10-10r11294: Update Heimdal in Samba4 to lorikeet-heimdal (which is in turn updatedAndrew Bartlett4-20/+69
to CVS of 2005-10-24). Andrew Bartlett (This used to be commit 939d4f340feaad15d0a6a5da79feba2b2558f174)
2007-10-10r10386: Merge current lorikeet-heimdal into Samba4.Andrew Bartlett1-1/+1
Andrew Bartlett (This used to be commit 4d2a9a9bc497eae269c24cbf156b43b8588e2f73)
2007-10-10r10286: This patch is ugly and disgusting, but for now it works better than ↵Andrew Bartlett1-2/+30
the other ideas I have had. When I get a full list of things I want to do to a krb5_context I'll either add gsskrb5_ wrappers, or a way of speicfying the krb5 context per gssapi context. (I want to ensure that the only krb5_context variables created while executing Samba4 are via our wrapper). Andrew Bartlett (This used to be commit 8a22d46e70e9f863831aba0c9913d195f833d625)