From cb4cef71ffb998895cc3efdec709038ecbf930af Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Nov 03 2021 23:13:04 +0000 Subject: import krb5-1.19.1-11.el9.1 --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..495142b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/krb5-1.19.1.tar.gz diff --git a/.krb5.metadata b/.krb5.metadata new file mode 100644 index 0000000..c80487f --- /dev/null +++ b/.krb5.metadata @@ -0,0 +1 @@ +65fcedf85595457652cc0d37df65c9258e783d6b SOURCES/krb5-1.19.1.tar.gz diff --git a/SOURCES/Add-APIs-for-marshalling-credentials.patch b/SOURCES/Add-APIs-for-marshalling-credentials.patch new file mode 100644 index 0000000..7d77bba --- /dev/null +++ b/SOURCES/Add-APIs-for-marshalling-credentials.patch @@ -0,0 +1,220 @@ +From 3d11179707923b033fa413387a33296b673ff52d Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Thu, 14 Jan 2021 18:13:09 -0500 +Subject: [PATCH] Add APIs for marshalling credentials + +Faciliate KCM daemon implementations by providing functions to +deserialize and reserialize credentials in the FILE v4 format. + +[ghudson@mit.edu: minor editorial changes] + +ticket: 8980 (new) +(cherry picked from commit 18ea3bd2fca55b789b7de9c663624bc11d348fa6) +--- + doc/appdev/refs/api/index.rst | 2 ++ + src/include/krb5/krb5.hin | 36 ++++++++++++++++++++++ + src/lib/krb5/ccache/ccmarshal.c | 53 +++++++++++++++++++++++++++++++++ + src/lib/krb5/ccache/t_marshal.c | 15 +++++++++- + src/lib/krb5/libkrb5.exports | 2 ++ + src/lib/krb5_32.def | 4 +++ + 6 files changed, 111 insertions(+), 1 deletion(-) + +diff --git a/doc/appdev/refs/api/index.rst b/doc/appdev/refs/api/index.rst +index 727d9b492..9e03fd386 100644 +--- a/doc/appdev/refs/api/index.rst ++++ b/doc/appdev/refs/api/index.rst +@@ -232,6 +232,7 @@ Rarely used public interfaces + krb5_kt_remove_entry.rst + krb5_kt_start_seq_get.rst + krb5_make_authdata_kdc_issued.rst ++ krb5_marshal_credentials.rst + krb5_merge_authdata.rst + krb5_mk_1cred.rst + krb5_mk_error.rst +@@ -285,6 +286,7 @@ Rarely used public interfaces + krb5_tkt_creds_get_times.rst + krb5_tkt_creds_init.rst + krb5_tkt_creds_step.rst ++ krb5_unmarshal_credentials.rst + krb5_verify_init_creds.rst + krb5_verify_init_creds_opt_init.rst + krb5_verify_init_creds_opt_set_ap_req_nofail.rst +diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin +index 63e67a2ba..c26dde535 100644 +--- a/src/include/krb5/krb5.hin ++++ b/src/include/krb5/krb5.hin +@@ -3125,6 +3125,42 @@ krb5_get_credentials(krb5_context context, krb5_flags options, + krb5_ccache ccache, krb5_creds *in_creds, + krb5_creds **out_creds); + ++/** ++ * Serialize a @c krb5_creds object. ++ * ++ * @param [in] context Library context ++ * @param [in] creds The credentials object to serialize ++ * @param [out] data_out The serialized credentials ++ * ++ * Serialize @a creds in the format used by the FILE ccache format (vesion 4) ++ * and KCM ccache protocol. ++ * ++ * Use krb5_free_data() to free @a data_out when it is no longer needed. ++ * ++ * @retval 0 Success; otherwise - Kerberos error codes ++ */ ++krb5_error_code KRB5_CALLCONV ++krb5_marshal_credentials(krb5_context context, krb5_creds *in_creds, ++ krb5_data **data_out); ++ ++/** ++ * Deserialize a @c krb5_creds object. ++ * ++ * @param [in] context Library context ++ * @param [in] data The serialized credentials ++ * @param [out] creds_out The resulting creds object ++ * ++ * Deserialize @a data to credentials in the format used by the FILE ccache ++ * format (vesion 4) and KCM ccache protocol. ++ * ++ * Use krb5_free_creds() to free @a creds_out when it is no longer needed. ++ * ++ * @retval 0 Success; otherwise - Kerberos error codes ++ */ ++krb5_error_code KRB5_CALLCONV ++krb5_unmarshal_credentials(krb5_context context, const krb5_data *data, ++ krb5_creds **creds_out); ++ + /** @deprecated Replaced by krb5_get_validated_creds. */ + krb5_error_code KRB5_CALLCONV + krb5_get_credentials_validate(krb5_context context, krb5_flags options, +diff --git a/src/lib/krb5/ccache/ccmarshal.c b/src/lib/krb5/ccache/ccmarshal.c +index ae634ccab..ab284e721 100644 +--- a/src/lib/krb5/ccache/ccmarshal.c ++++ b/src/lib/krb5/ccache/ccmarshal.c +@@ -515,3 +515,56 @@ k5_marshal_mcred(struct k5buf *buf, krb5_creds *mcred) + if (mcred->second_ticket.length > 0) + put_data(buf, version, &mcred->second_ticket); + } ++ ++krb5_error_code KRB5_CALLCONV ++krb5_marshal_credentials(krb5_context context, krb5_creds *in_creds, ++ krb5_data **data_out) ++{ ++ krb5_error_code ret; ++ krb5_data *data; ++ struct k5buf buf; ++ ++ *data_out = NULL; ++ ++ data = k5alloc(sizeof(krb5_data), &ret); ++ if (ret) ++ return ret; ++ ++ k5_buf_init_dynamic(&buf); ++ k5_marshal_cred(&buf, 4, in_creds); ++ ++ ret = k5_buf_status(&buf); ++ if (ret) { ++ free(data); ++ return ret; ++ } ++ ++ /* Steal payload from buf. */ ++ *data = make_data(buf.data, buf.len); ++ *data_out = data; ++ return 0; ++} ++ ++krb5_error_code KRB5_CALLCONV ++krb5_unmarshal_credentials(krb5_context context, const krb5_data *data, ++ krb5_creds **creds_out) ++{ ++ krb5_error_code ret; ++ krb5_creds *creds; ++ ++ *creds_out = NULL; ++ ++ creds = k5alloc(sizeof(krb5_creds), &ret); ++ if (ret) ++ return ret; ++ ++ ret = k5_unmarshal_cred((unsigned char *)data->data, data->length, 4, ++ creds); ++ if (ret) { ++ free(creds); ++ return ret; ++ } ++ ++ *creds_out = creds; ++ return 0; ++} +diff --git a/src/lib/krb5/ccache/t_marshal.c b/src/lib/krb5/ccache/t_marshal.c +index bd0284afa..96e0931a2 100644 +--- a/src/lib/krb5/ccache/t_marshal.c ++++ b/src/lib/krb5/ccache/t_marshal.c +@@ -268,13 +268,14 @@ main(int argc, char **argv) + krb5_context context; + krb5_ccache cache; + krb5_principal princ; +- krb5_creds cred1, cred2; ++ krb5_creds cred1, cred2, *alloc_cred; + krb5_cc_cursor cursor; + const char *filename; + char *ccname, filebuf[256]; + int version, fd; + const struct test *t; + struct k5buf buf; ++ krb5_data ser_data, *alloc_data; + + if (argc != 2) + abort(); +@@ -285,6 +286,18 @@ main(int argc, char **argv) + if (krb5_init_context(&context) != 0) + abort(); + ++ /* Test public functions for unmarshalling and marshalling. */ ++ ser_data = make_data((char *)tests[3].cred1, tests[3].cred1len); ++ if (krb5_unmarshal_credentials(context, &ser_data, &alloc_cred) != 0) ++ abort(); ++ verify_cred1(alloc_cred); ++ if (krb5_marshal_credentials(context, alloc_cred, &alloc_data) != 0) ++ abort(); ++ assert(alloc_data->length == tests[3].cred1len); ++ assert(memcmp(tests[3].cred1, alloc_data->data, alloc_data->length) == 0); ++ krb5_free_data(context, alloc_data); ++ krb5_free_creds(context, alloc_cred); ++ + for (version = FIRST_VERSION; version <= 4; version++) { + t = &tests[version - 1]; + +diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports +index 2d9d56530..adbfa332b 100644 +--- a/src/lib/krb5/libkrb5.exports ++++ b/src/lib/krb5/libkrb5.exports +@@ -489,6 +489,7 @@ krb5_lock_file + krb5_make_authdata_kdc_issued + krb5_make_full_ipaddr + krb5_make_fulladdr ++krb5_marshal_credentials + krb5_mcc_ops + krb5_merge_authdata + krb5_mk_1cred +@@ -592,6 +593,7 @@ krb5_timeofday + krb5_timestamp_to_sfstring + krb5_timestamp_to_string + krb5_unlock_file ++krb5_unmarshal_credentials + krb5_unpack_full_ipaddr + krb5_unparse_name + krb5_unparse_name_ext +diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def +index 4953907aa..60b8dd311 100644 +--- a/src/lib/krb5_32.def ++++ b/src/lib/krb5_32.def +@@ -503,3 +503,7 @@ EXPORTS + ; new in 1.19 + k5_cc_store_primary_cred @470 ; PRIVATE + k5_kt_have_match @471 ; PRIVATE GSSAPI ++ ++; new in 1.20 ++ krb5_marshal_credentials @472 ++ krb5_unmarshal_credentials @473 diff --git a/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch b/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch new file mode 100644 index 0000000..5187e5c --- /dev/null +++ b/SOURCES/Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch @@ -0,0 +1,359 @@ +From 418e64100d1e3f8c8e3f773909347bad270a2921 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavel=20B=C5=99ezina?= +Date: Thu, 11 Feb 2021 15:33:10 +0100 +Subject: [PATCH] Add KCM_OP_GET_CRED_LIST for faster iteration + +For large caches, one IPC operation per credential dominates the cost +of iteration. Instead transfer the whole list of credentials to the +client in one IPC operation. + +Add optional support for the new opcode to the test KCM server to +allow testing of the main and fallback code paths. + +[ghudson@mit.edu: fixed memory leaks and potential memory errors; +adjusted code style and comments; rewrote commit message; added +kcmserver.py support and tests] + +ticket: 8990 (new) +(cherry picked from commit 81bdb47d8ded390263d8ee48f71d5c312b4f1736) +(cherry picked from commit a0ee8b02e56c65e5dcd569caed0e151cef004ef4) +--- + src/include/kcm.h | 12 ++- + src/lib/krb5/ccache/cc_kcm.c | 144 ++++++++++++++++++++++++++++++++--- + src/tests/kcmserver.py | 28 ++++++- + src/tests/t_ccache.py | 10 ++- + 4 files changed, 175 insertions(+), 19 deletions(-) + +diff --git a/src/include/kcm.h b/src/include/kcm.h +index 5ea1447cd..e4140c3a0 100644 +--- a/src/include/kcm.h ++++ b/src/include/kcm.h +@@ -51,9 +51,9 @@ + * + * All replies begin with a 32-bit big-endian reply code. + * +- * Parameters are appended to the request or reply with no delimiters. Flags +- * and time offsets are stored as 32-bit big-endian integers. Names are +- * marshalled as zero-terminated strings. Principals and credentials are ++ * Parameters are appended to the request or reply with no delimiters. Flags, ++ * time offsets, and lengths are stored as 32-bit big-endian integers. Names ++ * are marshalled as zero-terminated strings. Principals and credentials are + * marshalled in the v4 FILE ccache format. UUIDs are 16 bytes. UUID lists + * are not delimited, so nothing can come after them. + */ +@@ -89,7 +89,11 @@ typedef enum kcm_opcode { + KCM_OP_HAVE_NTLM_CRED, + KCM_OP_DEL_NTLM_CRED, + KCM_OP_DO_NTLM_AUTH, +- KCM_OP_GET_NTLM_USER_LIST ++ KCM_OP_GET_NTLM_USER_LIST, ++ ++ /* MIT extensions */ ++ KCM_OP_MIT_EXTENSION_BASE = 13000, ++ KCM_OP_GET_CRED_LIST, /* (name) -> (count, count*{len, cred}) */ + } kcm_opcode; + + #endif /* KCM_H */ +diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c +index 9093f894d..772928e4d 100644 +--- a/src/lib/krb5/ccache/cc_kcm.c ++++ b/src/lib/krb5/ccache/cc_kcm.c +@@ -61,6 +61,17 @@ struct uuid_list { + size_t pos; + }; + ++struct cred_list { ++ krb5_creds *creds; ++ size_t count; ++ size_t pos; ++}; ++ ++struct kcm_cursor { ++ struct uuid_list *uuids; ++ struct cred_list *creds; ++}; ++ + struct kcmio { + SOCKET fd; + #ifdef __APPLE__ +@@ -489,6 +500,69 @@ free_uuid_list(struct uuid_list *uuids) + free(uuids); + } + ++static void ++free_cred_list(struct cred_list *list) ++{ ++ size_t i; ++ ++ if (list == NULL) ++ return; ++ ++ /* Creds are transferred to the caller as list->pos is incremented, so we ++ * can start freeing there. */ ++ for (i = list->pos; i < list->count; i++) ++ krb5_free_cred_contents(NULL, &list->creds[i]); ++ free(list->creds); ++ free(list); ++} ++ ++/* Fetch a cred list from req->reply. */ ++static krb5_error_code ++kcmreq_get_cred_list(struct kcmreq *req, struct cred_list **creds_out) ++{ ++ struct cred_list *list; ++ const unsigned char *data; ++ krb5_error_code ret = 0; ++ size_t count, len, i; ++ ++ *creds_out = NULL; ++ ++ /* Check a rough bound on the count to prevent very large allocations. */ ++ count = k5_input_get_uint32_be(&req->reply); ++ if (count > req->reply.len / 4) ++ return KRB5_KCM_MALFORMED_REPLY; ++ ++ list = malloc(sizeof(*list)); ++ if (list == NULL) ++ return ENOMEM; ++ ++ list->creds = NULL; ++ list->count = count; ++ list->pos = 0; ++ list->creds = k5calloc(count, sizeof(*list->creds), &ret); ++ if (list->creds == NULL) { ++ free(list); ++ return ret; ++ } ++ ++ for (i = 0; i < count; i++) { ++ len = k5_input_get_uint32_be(&req->reply); ++ data = k5_input_get_bytes(&req->reply, len); ++ if (data == NULL) ++ break; ++ ret = k5_unmarshal_cred(data, len, 4, &list->creds[i]); ++ if (ret) ++ break; ++ } ++ if (i < count) { ++ free_cred_list(list); ++ return (ret == ENOMEM) ? ENOMEM : KRB5_KCM_MALFORMED_REPLY; ++ } ++ ++ *creds_out = list; ++ return 0; ++} ++ + static void + kcmreq_free(struct kcmreq *req) + { +@@ -753,33 +827,53 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache, + { + krb5_error_code ret; + struct kcmreq req = EMPTY_KCMREQ; +- struct uuid_list *uuids; ++ struct uuid_list *uuids = NULL; ++ struct cred_list *creds = NULL; ++ struct kcm_cursor *cursor; + + *cursor_out = NULL; + + get_kdc_offset(context, cache); + +- kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache); ++ kcmreq_init(&req, KCM_OP_GET_CRED_LIST, cache); + ret = cache_call(context, cache, &req); +- if (ret) ++ if (ret == 0) { ++ /* GET_CRED_LIST is available. */ ++ ret = kcmreq_get_cred_list(&req, &creds); ++ if (ret) ++ goto cleanup; ++ } else if (ret == KRB5_FCC_INTERNAL) { ++ /* Fall back to GET_CRED_UUID_LIST. */ ++ kcmreq_free(&req); ++ kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache); ++ ret = cache_call(context, cache, &req); ++ if (ret) ++ goto cleanup; ++ ret = kcmreq_get_uuid_list(&req, &uuids); ++ if (ret) ++ goto cleanup; ++ } else { + goto cleanup; +- ret = kcmreq_get_uuid_list(&req, &uuids); +- if (ret) ++ } ++ ++ cursor = k5alloc(sizeof(*cursor), &ret); ++ if (cursor == NULL) + goto cleanup; +- *cursor_out = (krb5_cc_cursor)uuids; ++ cursor->uuids = uuids; ++ cursor->creds = creds; ++ *cursor_out = (krb5_cc_cursor)cursor; + + cleanup: + kcmreq_free(&req); + return ret; + } + +-static krb5_error_code KRB5_CALLCONV +-kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor, +- krb5_creds *cred_out) ++static krb5_error_code ++next_cred_by_uuid(krb5_context context, krb5_ccache cache, ++ struct uuid_list *uuids, krb5_creds *cred_out) + { + krb5_error_code ret; + struct kcmreq req; +- struct uuid_list *uuids = (struct uuid_list *)*cursor; + + memset(cred_out, 0, sizeof(*cred_out)); + +@@ -797,11 +891,39 @@ kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor, + return map_invalid(ret); + } + ++static krb5_error_code KRB5_CALLCONV ++kcm_next_cred(krb5_context context, krb5_ccache cache, krb5_cc_cursor *cursor, ++ krb5_creds *cred_out) ++{ ++ struct kcm_cursor *c = (struct kcm_cursor *)*cursor; ++ struct cred_list *list; ++ ++ if (c->uuids != NULL) ++ return next_cred_by_uuid(context, cache, c->uuids, cred_out); ++ ++ list = c->creds; ++ if (list->pos >= list->count) ++ return KRB5_CC_END; ++ ++ /* Transfer memory ownership of one cred to the caller. */ ++ *cred_out = list->creds[list->pos]; ++ memset(&list->creds[list->pos], 0, sizeof(*list->creds)); ++ list->pos++; ++ ++ return 0; ++} ++ + static krb5_error_code KRB5_CALLCONV + kcm_end_seq_get(krb5_context context, krb5_ccache cache, + krb5_cc_cursor *cursor) + { +- free_uuid_list((struct uuid_list *)*cursor); ++ struct kcm_cursor *c = *cursor; ++ ++ if (c == NULL) ++ return 0; ++ free_uuid_list(c->uuids); ++ free_cred_list(c->creds); ++ free(c); + *cursor = NULL; + return 0; + } +diff --git a/src/tests/kcmserver.py b/src/tests/kcmserver.py +index 57432e5a7..8c5e66ff1 100644 +--- a/src/tests/kcmserver.py ++++ b/src/tests/kcmserver.py +@@ -23,6 +23,7 @@ + # traceback.print_exception(etype, value, tb, file=f) + # sys.excepthook = ehook + ++import optparse + import select + import socket + import struct +@@ -49,12 +50,14 @@ class KCMOpcodes(object): + SET_DEFAULT_CACHE = 21 + GET_KDC_OFFSET = 22 + SET_KDC_OFFSET = 23 ++ GET_CRED_LIST = 13001 + + + class KRB5Errors(object): + KRB5_CC_END = -1765328242 + KRB5_CC_NOSUPP = -1765328137 + KRB5_FCC_NOFILE = -1765328189 ++ KRB5_FCC_INTERNAL = -1765328188 + + + def make_uuid(): +@@ -183,6 +186,14 @@ def op_set_kdc_offset(argbytes): + return 0, b'' + + ++def op_get_cred_list(argbytes): ++ name, rest = unmarshal_name(argbytes) ++ cache = get_cache(name) ++ creds = [cache.creds[u] for u in cache.cred_uuids] ++ return 0, (struct.pack('>L', len(creds)) + ++ b''.join(struct.pack('>L', len(c)) + c for c in creds)) ++ ++ + ophandlers = { + KCMOpcodes.GEN_NEW : op_gen_new, + KCMOpcodes.INITIALIZE : op_initialize, +@@ -197,7 +208,8 @@ ophandlers = { + KCMOpcodes.GET_DEFAULT_CACHE : op_get_default_cache, + KCMOpcodes.SET_DEFAULT_CACHE : op_set_default_cache, + KCMOpcodes.GET_KDC_OFFSET : op_get_kdc_offset, +- KCMOpcodes.SET_KDC_OFFSET : op_set_kdc_offset ++ KCMOpcodes.SET_KDC_OFFSET : op_set_kdc_offset, ++ KCMOpcodes.GET_CRED_LIST : op_get_cred_list + } + + # Read and respond to a request from the socket s. +@@ -215,7 +227,11 @@ def service_request(s): + + majver, minver, op = struct.unpack('>BBH', req[:4]) + argbytes = req[4:] +- code, payload = ophandlers[op](argbytes) ++ ++ if op in ophandlers: ++ code, payload = ophandlers[op](argbytes) ++ else: ++ code, payload = KRB5Errors.KRB5_FCC_INTERNAL, b'' + + # The KCM response is the code (4 bytes) and the response payload. + # The Heimdal IPC response is the length of the KCM response (4 +@@ -226,9 +242,15 @@ def service_request(s): + s.sendall(hipc_response) + return True + ++parser = optparse.OptionParser() ++parser.add_option('-c', '--credlist', action='store_true', dest='credlist', ++ default=False, help='Support KCM_OP_GET_CRED_LIST') ++(options, args) = parser.parse_args() ++if not options.credlist: ++ del ophandlers[KCMOpcodes.GET_CRED_LIST] + + server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) +-server.bind(sys.argv[1]) ++server.bind(args[0]) + server.listen(5) + select_input = [server,] + sys.stderr.write('starting...\n') +diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py +index 66804afa5..90040fb7b 100755 +--- a/src/tests/t_ccache.py ++++ b/src/tests/t_ccache.py +@@ -125,10 +125,18 @@ def collection_test(realm, ccname): + + + collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc')) ++ ++# Test KCM without and with GET_CRED_LIST support. + kcmserver_path = os.path.join(srctop, 'tests', 'kcmserver.py') +-realm.start_server([sys.executable, kcmserver_path, kcm_socket_path], ++kcmd = realm.start_server([sys.executable, kcmserver_path, kcm_socket_path], ++ 'starting...') ++collection_test(realm, 'KCM:') ++stop_daemon(kcmd) ++os.remove(kcm_socket_path) ++realm.start_server([sys.executable, kcmserver_path, '-c', kcm_socket_path], + 'starting...') + collection_test(realm, 'KCM:') ++ + if test_keyring: + def cleanup_keyring(anchor, name): + out = realm.run(['keyctl', 'list', anchor]) diff --git a/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch b/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch new file mode 100644 index 0000000..269a457 --- /dev/null +++ b/SOURCES/Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch @@ -0,0 +1,25 @@ +From 2f039fc910022c9569fe6941a194f0b26bd6c894 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 20 Sep 2019 16:11:29 -0400 +Subject: [PATCH] Add buildsystem detection of the OpenSSL-3 KDF interface + +(cherry picked from commit a3e03dfd40928c4615bd9b8546eac0c104377850) +--- + src/configure.ac | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/configure.ac b/src/configure.ac +index eb6307468..9c2e816fe 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -282,6 +282,10 @@ AC_SUBST(CRYPTO_IMPL) + AC_SUBST(CRYPTO_IMPL_CFLAGS) + AC_SUBST(CRYPTO_IMPL_LIBS) + ++if test "$CRYPTO_IMPL" = openssl; then ++ AC_CHECK_FUNCS(EVP_KDF_fetch) ++fi ++ + AC_ARG_WITH([prng-alg], + AC_HELP_STRING([--with-prng-alg=ALG], [use specified PRNG algorithm. @<:@fortuna@:>@]), + [PRNG_ALG=$withval diff --git a/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch b/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch new file mode 100644 index 0000000..2af7a11 --- /dev/null +++ b/SOURCES/Add-hostname-canonicalization-helper-to-k5test.py.patch @@ -0,0 +1,84 @@ +From c76a01279bbbbcfd296d2ead8f6e2a5bee7e8443 Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Fri, 15 Jan 2021 14:43:34 -0500 +Subject: [PATCH] Add hostname canonicalization helper to k5test.py + +To facilitate fallback tests, add a canonicalize_hostname() function +to k5test.py which works similarly to krb5_expand_hostname(). Use it +in t_gssapi.py for the recently-added acceptor name fallback test. + +(cherry picked from commit 225fffe4e912772acea3a01d45bafb60bfb80948) +--- + src/tests/gssapi/t_gssapi.py | 11 +++-------- + src/util/k5test.py | 22 ++++++++++++++++++++++ + 2 files changed, 25 insertions(+), 8 deletions(-) + +diff --git a/src/tests/gssapi/t_gssapi.py b/src/tests/gssapi/t_gssapi.py +index 1af6f31c2..e22cec427 100755 +--- a/src/tests/gssapi/t_gssapi.py ++++ b/src/tests/gssapi/t_gssapi.py +@@ -8,7 +8,7 @@ for realm in multipass_realms(): + realm.run(['./t_iov', '-s', 'p:' + realm.host_princ]) + realm.run(['./t_pcontok', 'p:' + realm.host_princ]) + +-realm = K5Realm(krb5_conf={'libdefaults': {'rdns': 'false'}}) ++realm = K5Realm() + + # Test gss_add_cred(). + realm.run(['./t_add_cred']) +@@ -62,13 +62,8 @@ realm.run(['./t_accname', 'p:host/-nomatch-', + expected_msg=' not found in keytab') + + # If possible, test with an acceptor name requiring fallback to match +-# against a keytab entry. Forward-canonicalize the hostname, relying +-# on the rdns=false realm setting. +-try: +- ai = socket.getaddrinfo(hostname, None, 0, 0, 0, socket.AI_CANONNAME) +- (family, socktype, proto, canonname, sockaddr) = ai[0] +-except socket.gaierror: +- canonname = hostname ++# against a keytab entry. ++canonname = canonicalize_hostname(hostname) + if canonname != hostname: + os.rename(realm.keytab, realm.keytab + '.save') + canonprinc = 'host/' + canonname +diff --git a/src/util/k5test.py b/src/util/k5test.py +index 789b0f4b9..251d11a9d 100644 +--- a/src/util/k5test.py ++++ b/src/util/k5test.py +@@ -155,6 +155,10 @@ Scripts may use the following functions and variables: + * password(name): Return a weakly random password based on name. The + password will be consistent across calls with the same name. + ++* canonicalize_hostname(name, rdns=True): Return the DNS ++ canonicalization of name, optionally using reverse DNS. On error, ++ return name converted to lowercase. ++ + * stop_daemon(proc): Stop a daemon process started with + realm.start_server() or realm.start_in_inetd(). Only necessary if + the port needs to be reused; daemon processes will be stopped +@@ -458,6 +462,24 @@ def password(name): + return name + str(os.getpid()) + + ++def canonicalize_hostname(name, rdns=True): ++ """Canonicalize name using DNS, optionally with reverse DNS.""" ++ try: ++ ai = socket.getaddrinfo(name, None, 0, 0, 0, socket.AI_CANONNAME) ++ except socket.gaierror as e: ++ return name.lower() ++ (family, socktype, proto, canonname, sockaddr) = ai[0] ++ ++ if not rdns: ++ return canonname.lower() ++ ++ try: ++ rname = socket.getnameinfo(sockaddr, socket.NI_NAMEREQD) ++ except socket.gaierror: ++ return canonname.lower() ++ return rname[0].lower() ++ ++ + # Exit handler which ensures processes are cleaned up and, on failure, + # prints messages to help developers debug the problem. + def _onexit(): diff --git a/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch b/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch new file mode 100644 index 0000000..269eec4 --- /dev/null +++ b/SOURCES/Allow-kinit-with-keytab-to-defer-canonicalization.patch @@ -0,0 +1,61 @@ +From 4c2f596da5ddb8a1687a4f9c969d5a8dcd2cbcc7 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Thu, 3 Jun 2021 16:03:07 -0400 +Subject: [PATCH] Allow kinit with keytab to defer canonicalization + +[ghudson@mit.edu: added tests] + +ticket: 9012 (new) +(cherry picked from commit 5e6a6efc5df689d9fb8730d0227167ffbb6ece0e) +(cherry picked from commit 090c7319652466339e3e6482bdd1b5a294638dff) +--- + src/clients/kinit/kinit.c | 11 ----------- + src/tests/t_keytab.py | 13 +++++++++++++ + 2 files changed, 13 insertions(+), 11 deletions(-) + +diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c +index d1f5d74c3..5a6d7237c 100644 +--- a/src/clients/kinit/kinit.c ++++ b/src/clients/kinit/kinit.c +@@ -510,17 +510,6 @@ k5_begin(struct k_opts *opts, struct k5_data *k5) + _("when creating default server principal name")); + goto cleanup; + } +- if (k5->me->realm.data[0] == 0) { +- ret = krb5_unparse_name(k5->ctx, k5->me, &k5->name); +- if (ret == 0) { +- com_err(progname, KRB5_ERR_HOST_REALM_UNKNOWN, +- _("(principal %s)"), k5->name); +- } else { +- com_err(progname, KRB5_ERR_HOST_REALM_UNKNOWN, +- _("for local services")); +- } +- goto cleanup; +- } + } else if (k5->out_cc != NULL) { + /* If the output ccache is initialized, use its principal. */ + if (krb5_cc_get_principal(k5->ctx, k5->out_cc, &princ) == 0) +diff --git a/src/tests/t_keytab.py b/src/tests/t_keytab.py +index 850375c92..a9adebb26 100755 +--- a/src/tests/t_keytab.py ++++ b/src/tests/t_keytab.py +@@ -41,6 +41,19 @@ realm.kinit(realm.user_princ, flags=['-i'], + expected_msg='keytab specified, forcing -k') + realm.klist(realm.user_princ) + ++# Test default principal for -k. This operation requires ++# canonicalization against the keytab in krb5_get_init_creds_keytab() ++# as the krb5_sname_to_principal() result won't have a realm. Try ++# with and without without fallback processing since the code paths ++# are different. ++mark('default principal for -k') ++realm.run([kinit, '-k']) ++realm.klist(realm.host_princ) ++no_canon_conf = {'libdefaults': {'dns_canonicalize_hostname': 'false'}} ++no_canon = realm.special_env('no_canon', False, krb5_conf=no_canon_conf) ++realm.run([kinit, '-k'], env=no_canon) ++realm.klist(realm.host_princ) ++ + # Test extracting keys with multiple key versions present. + mark('multi-kvno extract') + os.remove(realm.keytab) diff --git a/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch b/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch new file mode 100644 index 0000000..e084c39 --- /dev/null +++ b/SOURCES/Fix-KCM-flag-transmission-for-remove_cred.patch @@ -0,0 +1,104 @@ +From 92a4b760d741494dacbb4d9db4cf2db9e3b01f2c Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Mon, 29 Mar 2021 14:32:56 -0400 +Subject: [PATCH] Fix KCM flag transmission for remove_cred + +MIT krb5 uses low bits for KRB5_TC flags, while Heimdal uses high bits +so that the same flag word can also hold KRB5_GC flags. Add a mapping +function and send the Heimdal flag values when performing a +remove_cred operation. + +ticket: 8995 +(cherry picked from commit 11a82cf424f9c905bb73680c64524f087090d4ef) +(cherry picked from commit 04f0de4420508161ce439f262f2761ff51a07ab0) +--- + src/include/kcm.h | 19 +++++++++++++++++++ + src/lib/krb5/ccache/cc_kcm.c | 36 +++++++++++++++++++++++++++++++++++- + 2 files changed, 54 insertions(+), 1 deletion(-) + +diff --git a/src/include/kcm.h b/src/include/kcm.h +index e4140c3a0..9b66f1cbd 100644 +--- a/src/include/kcm.h ++++ b/src/include/kcm.h +@@ -56,8 +56,27 @@ + * are marshalled as zero-terminated strings. Principals and credentials are + * marshalled in the v4 FILE ccache format. UUIDs are 16 bytes. UUID lists + * are not delimited, so nothing can come after them. ++ * ++ * Flag words must use Heimdal flag values, which are not the same as MIT krb5 ++ * values for KRB5_GC and KRB5_TC constants. The same flag word may contain ++ * both kinds of flags in Heimdal, but not in MIT krb5. Defines for the ++ * applicable Heimdal flag values are given below using KCM_GC and KCM_TC ++ * prefixes. + */ + ++#define KCM_GC_CACHED (1U << 0) ++ ++#define KCM_TC_DONT_MATCH_REALM (1U << 31) ++#define KCM_TC_MATCH_KEYTYPE (1U << 30) ++#define KCM_TC_MATCH_SRV_NAMEONLY (1U << 29) ++#define KCM_TC_MATCH_FLAGS_EXACT (1U << 28) ++#define KCM_TC_MATCH_FLAGS (1U << 27) ++#define KCM_TC_MATCH_TIMES_EXACT (1U << 26) ++#define KCM_TC_MATCH_TIMES (1U << 25) ++#define KCM_TC_MATCH_AUTHDATA (1U << 24) ++#define KCM_TC_MATCH_2ND_TKT (1U << 23) ++#define KCM_TC_MATCH_IS_SKEY (1U << 22) ++ + /* Opcodes without comments are currently unused in the MIT client + * implementation. */ + typedef enum kcm_opcode { +diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c +index 772928e4d..1f81a2190 100644 +--- a/src/lib/krb5/ccache/cc_kcm.c ++++ b/src/lib/krb5/ccache/cc_kcm.c +@@ -110,6 +110,40 @@ map_invalid(krb5_error_code code) + KRB5_KCM_MALFORMED_REPLY : code; + } + ++/* ++ * Map an MIT krb5 KRB5_TC flag word to the equivalent Heimdal flag word. Note ++ * that there is no MIT krb5 equivalent for Heimdal's KRB5_TC_DONT_MATCH_REALM ++ * (which is like KRB5_TC_MATCH_SRV_NAMEONLY but also applies to the client ++ * principal) and no Heimdal equivalent for MIT krb5's KRB5_TC_SUPPORTED_KTYPES ++ * (which matches against enctypes from the krb5_context rather than the ++ * matching cred). ++ */ ++static inline krb5_flags ++map_tcflags(krb5_flags mitflags) ++{ ++ krb5_flags heimflags = 0; ++ ++ if (mitflags & KRB5_TC_MATCH_TIMES) ++ heimflags |= KCM_TC_MATCH_TIMES; ++ if (mitflags & KRB5_TC_MATCH_IS_SKEY) ++ heimflags |= KCM_TC_MATCH_IS_SKEY; ++ if (mitflags & KRB5_TC_MATCH_FLAGS) ++ heimflags |= KCM_TC_MATCH_FLAGS; ++ if (mitflags & KRB5_TC_MATCH_TIMES_EXACT) ++ heimflags |= KCM_TC_MATCH_TIMES_EXACT; ++ if (mitflags & KRB5_TC_MATCH_FLAGS_EXACT) ++ heimflags |= KCM_TC_MATCH_FLAGS_EXACT; ++ if (mitflags & KRB5_TC_MATCH_AUTHDATA) ++ heimflags |= KCM_TC_MATCH_AUTHDATA; ++ if (mitflags & KRB5_TC_MATCH_SRV_NAMEONLY) ++ heimflags |= KCM_TC_MATCH_SRV_NAMEONLY; ++ if (mitflags & KRB5_TC_MATCH_2ND_TKT) ++ heimflags |= KCM_TC_MATCH_2ND_TKT; ++ if (mitflags & KRB5_TC_MATCH_KTYPE) ++ heimflags |= KCM_TC_MATCH_KEYTYPE; ++ return heimflags; ++} ++ + /* Begin a request for the given opcode. If cache is non-null, supply the + * cache name as a request parameter. */ + static void +@@ -936,7 +970,7 @@ kcm_remove_cred(krb5_context context, krb5_ccache cache, krb5_flags flags, + struct kcmreq req; + + kcmreq_init(&req, KCM_OP_REMOVE_CRED, cache); +- k5_buf_add_uint32_be(&req.reqbuf, flags); ++ k5_buf_add_uint32_be(&req.reqbuf, map_tcflags(flags)); + k5_marshal_mcred(&req.reqbuf, mcred); + ret = cache_call(context, cache, &req); + kcmreq_free(&req); diff --git a/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch b/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch new file mode 100644 index 0000000..a0cd5ad --- /dev/null +++ b/SOURCES/Fix-KCM-retrieval-support-for-sssd.patch @@ -0,0 +1,63 @@ +From b4f3df953015bf6d2d4c973b458f778f31615c11 Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Tue, 11 May 2021 14:04:07 -0400 +Subject: [PATCH] Fix KCM retrieval support for sssd + +Commit 795ebba8c039be172ab93cd41105c73ffdba0fdb added a retrieval +handler using KCM_OP_RETRIEVE, falling back on the same error codes as +the previous KCM_OP_GET_CRED_LIST support. But sssd (as of 2.4) +returns KRB5_CC_NOSUPP instead of KRB5_CC_IO if it recognizes an +opcode but does not implement it. Add a helper function to recognize +all known unsupported-opcode error codes, and use it in kcm_retrieve() +and kcm_start_seq_get(). + +ticket: 8997 +(cherry picked from commit da103e36e13f3c846bcddbe38dd518a21e5260a0) +(cherry picked from commit a5b2cff51808cd86fe8195e7ac074ecd25c3344d) +--- + src/lib/krb5/ccache/cc_kcm.c | 18 ++++++++++++++++-- + 1 file changed, 16 insertions(+), 2 deletions(-) + +diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c +index 23fcf13ea..18505cd3d 100644 +--- a/src/lib/krb5/ccache/cc_kcm.c ++++ b/src/lib/krb5/ccache/cc_kcm.c +@@ -144,6 +144,20 @@ map_tcflags(krb5_flags mitflags) + return heimflags; + } + ++/* ++ * Return true if code could indicate an unsupported operation. Heimdal's KCM ++ * returns KRB5_FCC_INTERNAL. sssd's KCM daemon (as of sssd 2.4) returns ++ * KRB5_CC_NO_SUPP if it recognizes the operation but does not implement it, ++ * and KRB5_CC_IO if it doesn't recognize the operation (which is unfortunate ++ * since it could also indicate a communication failure). ++ */ ++static krb5_boolean ++unsupported_op_error(krb5_error_code code) ++{ ++ return code == KRB5_FCC_INTERNAL || code == KRB5_CC_IO || ++ code == KRB5_CC_NOSUPP; ++} ++ + /* Begin a request for the given opcode. If cache is non-null, supply the + * cache name as a request parameter. */ + static void +@@ -841,7 +855,7 @@ kcm_retrieve(krb5_context context, krb5_ccache cache, krb5_flags flags, + ret = cache_call(context, cache, &req); + + /* Fall back to iteration if the server does not support retrieval. */ +- if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) { ++ if (unsupported_op_error(ret)) { + ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred, + cred_out); + goto cleanup; +@@ -922,7 +936,7 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache, + ret = kcmreq_get_cred_list(&req, &creds); + if (ret) + goto cleanup; +- } else if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) { ++ } else if (unsupported_op_error(ret)) { + /* Fall back to GET_CRED_UUID_LIST. */ + kcmreq_free(&req); + kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache); diff --git a/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch b/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch new file mode 100644 index 0000000..38677b4 --- /dev/null +++ b/SOURCES/Fix-KDC-null-deref-on-bad-encrypted-challenge.patch @@ -0,0 +1,114 @@ +From 3fe94b5854c56da38ba14994b6c371c3e3b9094e Mon Sep 17 00:00:00 2001 +From: Joseph Sutton +Date: Wed, 7 Jul 2021 11:47:44 +1200 +Subject: [PATCH] Fix KDC null deref on bad encrypted challenge + +The function ec_verify() in src/kdc/kdc_preauth_ec.c contains a check +to avoid further processing if the armor key is NULL. However, this +check is bypassed by a call to k5memdup0() which overwrites retval +with 0 if the allocation succeeds. If the armor key is NULL, a call +to krb5_c_fx_cf2_simple() will then dereference it, resulting in a +crash. Add a check before the k5memdup0() call to avoid overwriting +retval. + +CVE-2021-36222: + +In MIT krb5 releases 1.16 and later, an unauthenticated attacker can +cause a null dereference in the KDC by sending a request containing a +PA-ENCRYPTED-CHALLENGE padata element without using FAST. + +[ghudson@mit.edu: trimmed patch; added test case; edited commit +message] + +ticket: 9007 (new) +tags: pullup +target_version: 1.19-next +target_version: 1.18-next + +(cherry picked from commit fc98f520caefff2e5ee9a0026fdf5109944b3562) +(cherry picked from commit 791211b00a53b394376d096c881b725ee739a936) +--- + src/kdc/kdc_preauth_ec.c | 3 ++- + src/tests/Makefile.in | 1 + + src/tests/t_cve-2021-36222.py | 46 +++++++++++++++++++++++++++++++++++ + 3 files changed, 49 insertions(+), 1 deletion(-) + create mode 100644 src/tests/t_cve-2021-36222.py + +diff --git a/src/kdc/kdc_preauth_ec.c b/src/kdc/kdc_preauth_ec.c +index 7e636b3f9..43a9902cc 100644 +--- a/src/kdc/kdc_preauth_ec.c ++++ b/src/kdc/kdc_preauth_ec.c +@@ -87,7 +87,8 @@ ec_verify(krb5_context context, krb5_data *req_pkt, krb5_kdc_req *request, + } + + /* Check for a configured FAST ec auth indicator. */ +- realmstr = k5memdup0(realm.data, realm.length, &retval); ++ if (retval == 0) ++ realmstr = k5memdup0(realm.data, realm.length, &retval); + if (realmstr != NULL) + retval = profile_get_string(context->profile, KRB5_CONF_REALMS, + realmstr, +diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in +index ab416cc5f..20f27d748 100644 +--- a/src/tests/Makefile.in ++++ b/src/tests/Makefile.in +@@ -159,6 +159,7 @@ check-pytests: unlockiter s4u2self + $(RUNPYTEST) $(srcdir)/t_cve-2012-1015.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_cve-2013-1416.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_cve-2013-1417.py $(PYTESTFLAGS) ++ $(RUNPYTEST) $(srcdir)/t_cve-2021-36222.py $(PYTESTFLAGS) + $(RM) au.log + $(RUNPYTEST) $(srcdir)/t_audit.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/jsonwalker.py -d $(srcdir)/au_dict.json \ +diff --git a/src/tests/t_cve-2021-36222.py b/src/tests/t_cve-2021-36222.py +new file mode 100644 +index 000000000..57e04993b +--- /dev/null ++++ b/src/tests/t_cve-2021-36222.py +@@ -0,0 +1,46 @@ ++import socket ++from k5test import * ++ ++realm = K5Realm() ++ ++# CVE-2021-36222 KDC null dereference on encrypted challenge preauth ++# without FAST ++ ++s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) ++a = (hostname, realm.portbase) ++ ++m = ('6A81A0' '30819D' # [APPLICATION 10] SEQUENCE ++ 'A103' '0201' '05' # [1] pvno = 5 ++ 'A203' '0201' '0A' # [2] msg-type = 10 ++ 'A30E' '300C' # [3] padata = SEQUENCE OF ++ '300A' # SEQUENCE ++ 'A104' '0202' '008A' # [1] padata-type = PA-ENCRYPTED-CHALLENGE ++ 'A202' '0400' # [2] padata-value = "" ++ 'A48180' '307E' # [4] req-body = SEQUENCE ++ 'A007' '0305' '0000000000' # [0] kdc-options = 0 ++ 'A120' '301E' # [1] cname = SEQUENCE ++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL ++ 'A117' '3015' # [1] name-string = SEQUENCE-OF ++ '1B06' '6B7262746774' # krbtgt ++ '1B0B' '4B5242544553542E434F4D' ++ # KRBTEST.COM ++ 'A20D' '1B0B' '4B5242544553542E434F4D' ++ # [2] realm = KRBTEST.COM ++ 'A320' '301E' # [3] sname = SEQUENCE ++ 'A003' '0201' '01' # [0] name-type = NT-PRINCIPAL ++ 'A117' '3015' # [1] name-string = SEQUENCE-OF ++ '1B06' '6B7262746774' # krbtgt ++ '1B0B' '4B5242544553542E434F4D' ++ # KRBTEST.COM ++ 'A511' '180F' '31393934303631303036303331375A' ++ # [5] till = 19940610060317Z ++ 'A703' '0201' '00' # [7] nonce = 0 ++ 'A808' '3006' # [8] etype = SEQUENCE OF ++ '020112' '020111') # aes256-cts aes128-cts ++ ++s.sendto(bytes.fromhex(m), a) ++ ++# Make sure kinit still works. ++realm.kinit(realm.user_princ, password('user')) ++ ++success('CVE-2021-36222 regression test') diff --git a/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch b/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch new file mode 100644 index 0000000..a2b9e34 --- /dev/null +++ b/SOURCES/Fix-k5tls-module-for-OpenSSL-3.patch @@ -0,0 +1,58 @@ +From 51938a8b731740299fe47d132b8840edba4141bc Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Sat, 29 May 2021 12:05:49 -0400 +Subject: [PATCH] Fix k5tls module for OpenSSL 3 + +Starting in OpenSSL 3, connection termination without a close_notify +alert causes SSL_read() to return SSL_ERROR_SSL instead of +SSL_ERROR_SYSCALL. OpenSSL 3 also provides a new option +SSL_OP_IGNORE_UNEXPECTED_EOF which allows an application to explicitly +ignore possible truncation attacks and receive SSL_ERROR_ZERO_RETURN +instead. + +Remove the call to SSL_CTX_get_options() since SSL_CTX_set_options() +doesn't clear existing options. + +[ghudson@mit.edu: edited commit message and comment] + +(cherry picked from commit aa9b4a2a64046afd2fab7cb49c346295874a5fb6) +(cherry picked from commit 201e38845e9f70234bcaa9ba7c25b28e38169b0a) +--- + src/plugins/tls/k5tls/openssl.c | 17 ++++++++++++++--- + 1 file changed, 14 insertions(+), 3 deletions(-) + +diff --git a/src/plugins/tls/k5tls/openssl.c b/src/plugins/tls/k5tls/openssl.c +index 76a43b3cd..99fda7ffc 100644 +--- a/src/plugins/tls/k5tls/openssl.c ++++ b/src/plugins/tls/k5tls/openssl.c +@@ -433,7 +433,7 @@ setup(krb5_context context, SOCKET fd, const char *servername, + char **anchors, k5_tls_handle *handle_out) + { + int e; +- long options; ++ long options = SSL_OP_NO_SSLv2; + SSL_CTX *ctx = NULL; + SSL *ssl = NULL; + k5_tls_handle handle = NULL; +@@ -448,8 +448,19 @@ setup(krb5_context context, SOCKET fd, const char *servername, + ctx = SSL_CTX_new(SSLv23_client_method()); + if (ctx == NULL) + goto error; +- options = SSL_CTX_get_options(ctx); +- SSL_CTX_set_options(ctx, options | SSL_OP_NO_SSLv2); ++ ++#ifdef SSL_OP_IGNORE_UNEXPECTED_EOF ++ /* ++ * For OpenSSL 3 and later, mark close_notify alerts as optional. We don't ++ * need to worry about truncation attacks because the protocols this module ++ * is used with (Kerberos and change-password) receive a single ++ * length-delimited message from the server. For prior versions of OpenSSL ++ * we check for SSL_ERROR_SYSCALL when reading instead (this error changes ++ * to SSL_ERROR_SSL in OpenSSL 3). ++ */ ++ options |= SSL_OP_IGNORE_UNEXPECTED_EOF; ++#endif ++ SSL_CTX_set_options(ctx, options); + + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback); + X509_STORE_set_flags(SSL_CTX_get_cert_store(ctx), 0); diff --git a/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch b/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch new file mode 100644 index 0000000..07a202d --- /dev/null +++ b/SOURCES/Fix-kadmin-k-with-fallback-or-referral-realm.patch @@ -0,0 +1,65 @@ +From ddbd548562d951d327a10c9dcb975418427f6fea Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Mon, 7 Jun 2021 15:00:41 -0400 +Subject: [PATCH] Fix kadmin -k with fallback or referral realm + +kadmin -k produces a client principal name with +krb5_sname_to_principal(), but it gets converted to a string and back +due to the signature of kadm5_init_with_skey(), which loses track of +the name type, so no canonicalization is performed. + +In libkadm5clnt initialization, recognize the important subset of this +case--an empty realm indicates either fallback processing or the +referral realm--and restore the host-based name type so that the +client principal can be canonicalized against the keytab. + +ticket: 9013 (new) +(cherry picked from commit dcb79089276624d7ddf44e08d35bd6d7d7e557d2) +(cherry picked from commit cd8ff035f5b4720a8fc457355726f7bd0eab5eaa) +--- + src/lib/kadm5/clnt/client_init.c | 7 +++++++ + src/tests/t_kadmin.py | 12 ++++++++++++ + 2 files changed, 19 insertions(+) + +diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c +index aa1223bb3..0aaca701f 100644 +--- a/src/lib/kadm5/clnt/client_init.c ++++ b/src/lib/kadm5/clnt/client_init.c +@@ -221,9 +221,16 @@ init_any(krb5_context context, char *client_name, enum init_type init_type, + return KADM5_MISSING_KRB5_CONF_PARAMS; + } + ++ /* ++ * Parse the client name. If it has an empty realm, it is almost certainly ++ * a host-based principal using DNS fallback processing or the referral ++ * realm, so give it the appropriate name type for canonicalization. ++ */ + code = krb5_parse_name(handle->context, client_name, &client); + if (code) + goto error; ++ if (init_type == INIT_SKEY && client->realm.length == 0) ++ client->type = KRB5_NT_SRV_HST; + + /* + * Get credentials. Also does some fallbacks in case kadmin/fqdn +diff --git a/src/tests/t_kadmin.py b/src/tests/t_kadmin.py +index fe6a3cc2e..98453d92e 100644 +--- a/src/tests/t_kadmin.py ++++ b/src/tests/t_kadmin.py +@@ -51,4 +51,16 @@ for i in range(200): + realm.run_kadmin(['addprinc', '-randkey', 'foo%d' % i]) + realm.run_kadmin(['listprincs'], expected_msg='foo199') + ++# Test kadmin -k with the default principal, with and without ++# fallback. This operation requires canonicalization against the ++# keytab in krb5_get_init_creds_keytab() as the ++# krb5_sname_to_principal() result won't have a realm. Try with and ++# without without fallback processing since the code paths are ++# different. ++mark('kadmin -k') ++realm.run([kadmin, '-k', 'getprinc', realm.host_princ]) ++no_canon_conf = {'libdefaults': {'dns_canonicalize_hostname': 'false'}} ++no_canon = realm.special_env('no_canon', False, krb5_conf=no_canon_conf) ++realm.run([kadmin, '-k', 'getprinc', realm.host_princ], env=no_canon) ++ + success('kadmin and kpasswd tests') diff --git a/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch b/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch new file mode 100644 index 0000000..ba5a8b5 --- /dev/null +++ b/SOURCES/Fix-softpkcs11-build-issues-with-openssl-3.0.patch @@ -0,0 +1,552 @@ +From f85a818fe1a7438db7e1ea579818da67e0be017d Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Sat, 15 May 2021 17:35:25 -0400 +Subject: [PATCH] Fix softpkcs11 build issues with openssl 3.0 + +EVP_PKEY_get0_RSA() has been modified to have const return type. Remove +its usages in favor of the EVP_PKEY interface. Also remove calls to +RSA_blinding_off(), which we don't need and would require a non-const +object. Similarly, remove RSA_set_method() calls that set a pre-existing +default. + +Since softpkcs11 doesn't link against krb5 and can't use zap(), allocate +buffers with OPENSSL_malloc() so can use OPENSSL_clear_free(). + +Move several argument validation checks to the top of their functions. + +Fix some incorrect/inconsistent log messages. + +(cherry picked from commit 00de1aad7b3647b91017c7009b0bc65cd0c8b2e0) +(cherry picked from commit a86b780ef275b35e8dc1e6d1886ec8e8d941f7c4) +--- + src/tests/softpkcs11/main.c | 360 ++++++++++++++---------------------- + 1 file changed, 141 insertions(+), 219 deletions(-) + +diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c +index 1cccdfb43..caa537b68 100644 +--- a/src/tests/softpkcs11/main.c ++++ b/src/tests/softpkcs11/main.c +@@ -375,10 +375,9 @@ add_st_object(void) + return NULL; + soft_token.object.objs = objs; + +- o = malloc(sizeof(*o)); ++ o = calloc(1, sizeof(*o)); + if (o == NULL) + return NULL; +- memset(o, 0, sizeof(*o)); + o->attrs = NULL; + o->num_attributes = 0; + o->object_handle = soft_token.object.num_objs; +@@ -424,7 +423,7 @@ add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key) + CK_ULONG modulus_bits = 0; + CK_BYTE *exponent = NULL; + size_t exponent_len = 0; +- RSA *rsa; ++ const RSA *rsa; + const BIGNUM *n, *e; + + rsa = EVP_PKEY_get0_RSA(key); +@@ -445,8 +444,6 @@ add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key) + add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, + exponent, exponent_len); + +- RSA_set_method(rsa, RSA_PKCS1_OpenSSL()); +- + free(modulus); + free(exponent); + } +@@ -679,10 +676,6 @@ add_certificate(char *label, + } else { + /* XXX verify keytype */ + +- if (key_type == CKK_RSA) +- RSA_set_method(EVP_PKEY_get0_RSA(o->u.private_key.key), +- RSA_PKCS1_OpenSSL()); +- + if (X509_check_private_key(cert, o->u.private_key.key) != 1) { + EVP_PKEY_free(o->u.private_key.key); + o->u.private_key.key = NULL; +@@ -695,7 +688,7 @@ add_certificate(char *label, + } + + ret = CKR_OK; +- out: ++out: + if (ret != CKR_OK) { + st_logf("something went wrong when adding cert!\n"); + +@@ -1224,8 +1217,6 @@ C_Login(CK_SESSION_HANDLE hSession, + } + + /* XXX check keytype */ +- RSA_set_method(EVP_PKEY_get0_RSA(o->u.private_key.key), +- RSA_PKCS1_OpenSSL()); + + if (X509_check_private_key(o->u.private_key.cert, o->u.private_key.key) != 1) { + EVP_PKEY_free(o->u.private_key.key); +@@ -1495,8 +1486,9 @@ C_Encrypt(CK_SESSION_HANDLE hSession, + struct st_object *o; + void *buffer = NULL; + CK_RV ret; +- RSA *rsa; +- int padding, len, buffer_len, padding_len; ++ size_t buffer_len = 0; ++ int padding; ++ EVP_PKEY_CTX *ctx = NULL; + + st_logf("Encrypt\n"); + +@@ -1512,70 +1504,58 @@ C_Encrypt(CK_SESSION_HANDLE hSession, + return CKR_ARGUMENTS_BAD; + } + +- rsa = EVP_PKEY_get0_RSA(o->u.public_key); +- +- if (rsa == NULL) +- return CKR_ARGUMENTS_BAD; +- +- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */ +- +- buffer_len = RSA_size(rsa); +- +- buffer = malloc(buffer_len); +- if (buffer == NULL) { +- ret = CKR_DEVICE_MEMORY; +- goto out; +- } +- +- ret = CKR_OK; +- switch(state->encrypt_mechanism->mechanism) { +- case CKM_RSA_PKCS: +- padding = RSA_PKCS1_PADDING; +- padding_len = RSA_PKCS1_PADDING_SIZE; +- break; +- case CKM_RSA_X_509: +- padding = RSA_NO_PADDING; +- padding_len = 0; +- break; +- default: +- ret = CKR_FUNCTION_NOT_SUPPORTED; +- goto out; +- } +- +- if ((CK_ULONG)buffer_len + padding_len < ulDataLen) { +- ret = CKR_ARGUMENTS_BAD; +- goto out; +- } +- + if (pulEncryptedDataLen == NULL) { + st_logf("pulEncryptedDataLen NULL\n"); + ret = CKR_ARGUMENTS_BAD; + goto out; + } + +- if (pData == NULL_PTR) { ++ if (pData == NULL) { + st_logf("data NULL\n"); + ret = CKR_ARGUMENTS_BAD; + goto out; + } + +- len = RSA_public_encrypt(ulDataLen, pData, buffer, rsa, padding); +- if (len <= 0) { ++ switch(state->encrypt_mechanism->mechanism) { ++ case CKM_RSA_PKCS: ++ padding = RSA_PKCS1_PADDING; ++ break; ++ case CKM_RSA_X_509: ++ padding = RSA_NO_PADDING; ++ break; ++ default: ++ ret = CKR_FUNCTION_NOT_SUPPORTED; ++ goto out; ++ } ++ ++ ctx = EVP_PKEY_CTX_new(o->u.public_key, NULL); ++ if (ctx == NULL || EVP_PKEY_encrypt_init(ctx) <= 0 || ++ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 || ++ EVP_PKEY_encrypt(ctx, NULL, &buffer_len, pData, ulDataLen) <= 0) { + ret = CKR_DEVICE_ERROR; + goto out; + } +- if (len > buffer_len) +- abort(); + +- if (pEncryptedData != NULL_PTR) +- memcpy(pEncryptedData, buffer, len); +- *pulEncryptedDataLen = len; +- +- out: +- if (buffer) { +- memset(buffer, 0, buffer_len); +- free(buffer); ++ buffer = OPENSSL_malloc(buffer_len); ++ if (buffer == NULL) { ++ ret = CKR_DEVICE_MEMORY; ++ goto out; + } ++ ++ if (EVP_PKEY_encrypt(ctx, buffer, &buffer_len, pData, ulDataLen) <= 0) { ++ ret = CKR_DEVICE_ERROR; ++ goto out; ++ } ++ st_logf("Encrypt done\n"); ++ ++ if (pEncryptedData != NULL) ++ memcpy(pEncryptedData, buffer, buffer_len); ++ *pulEncryptedDataLen = buffer_len; ++ ++ ret = CKR_OK; ++out: ++ OPENSSL_clear_free(buffer, buffer_len); ++ EVP_PKEY_CTX_free(ctx); + return ret; + } + +@@ -1646,8 +1626,9 @@ C_Decrypt(CK_SESSION_HANDLE hSession, + struct st_object *o; + void *buffer = NULL; + CK_RV ret; +- RSA *rsa; +- int padding, len, buffer_len, padding_len; ++ size_t buffer_len = 0; ++ int padding; ++ EVP_PKEY_CTX *ctx = NULL; + + st_logf("Decrypt\n"); + +@@ -1663,41 +1644,6 @@ C_Decrypt(CK_SESSION_HANDLE hSession, + return CKR_ARGUMENTS_BAD; + } + +- rsa = EVP_PKEY_get0_RSA(o->u.private_key.key); +- +- if (rsa == NULL) +- return CKR_ARGUMENTS_BAD; +- +- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */ +- +- buffer_len = RSA_size(rsa); +- +- buffer = malloc(buffer_len); +- if (buffer == NULL) { +- ret = CKR_DEVICE_MEMORY; +- goto out; +- } +- +- ret = CKR_OK; +- switch(state->decrypt_mechanism->mechanism) { +- case CKM_RSA_PKCS: +- padding = RSA_PKCS1_PADDING; +- padding_len = RSA_PKCS1_PADDING_SIZE; +- break; +- case CKM_RSA_X_509: +- padding = RSA_NO_PADDING; +- padding_len = 0; +- break; +- default: +- ret = CKR_FUNCTION_NOT_SUPPORTED; +- goto out; +- } +- +- if ((CK_ULONG)buffer_len + padding_len < ulEncryptedDataLen) { +- ret = CKR_ARGUMENTS_BAD; +- goto out; +- } +- + if (pulDataLen == NULL) { + st_logf("pulDataLen NULL\n"); + ret = CKR_ARGUMENTS_BAD; +@@ -1710,24 +1656,48 @@ C_Decrypt(CK_SESSION_HANDLE hSession, + goto out; + } + +- len = RSA_private_decrypt(ulEncryptedDataLen, pEncryptedData, buffer, +- rsa, padding); +- if (len <= 0) { ++ switch(state->decrypt_mechanism->mechanism) { ++ case CKM_RSA_PKCS: ++ padding = RSA_PKCS1_PADDING; ++ break; ++ case CKM_RSA_X_509: ++ padding = RSA_NO_PADDING; ++ break; ++ default: ++ ret = CKR_FUNCTION_NOT_SUPPORTED; ++ goto out; ++ } ++ ++ ctx = EVP_PKEY_CTX_new(o->u.private_key.key, NULL); ++ if (ctx == NULL || EVP_PKEY_decrypt_init(ctx) <= 0 || ++ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 || ++ EVP_PKEY_decrypt(ctx, NULL, &buffer_len, pEncryptedData, ++ ulEncryptedDataLen) <= 0) { + ret = CKR_DEVICE_ERROR; + goto out; + } +- if (len > buffer_len) +- abort(); ++ ++ buffer = OPENSSL_malloc(buffer_len); ++ if (buffer == NULL) { ++ ret = CKR_DEVICE_MEMORY; ++ goto out; ++ } ++ ++ if (EVP_PKEY_decrypt(ctx, buffer, &buffer_len, pEncryptedData, ++ ulEncryptedDataLen) <= 0) { ++ ret = CKR_DEVICE_ERROR; ++ goto out; ++ } ++ st_logf("Decrypt done\n"); + + if (pData != NULL_PTR) +- memcpy(pData, buffer, len); +- *pulDataLen = len; ++ memcpy(pData, buffer, buffer_len); ++ *pulDataLen = buffer_len; + +- out: +- if (buffer) { +- memset(buffer, 0, buffer_len); +- free(buffer); +- } ++ ret = CKR_OK; ++out: ++ OPENSSL_clear_free(buffer, buffer_len); ++ EVP_PKEY_CTX_free(ctx); + return ret; + } + +@@ -1806,8 +1776,9 @@ C_Sign(CK_SESSION_HANDLE hSession, + struct st_object *o; + void *buffer = NULL; + CK_RV ret; +- RSA *rsa; +- int padding, len, buffer_len, padding_len; ++ int padding; ++ size_t buffer_len = 0; ++ EVP_PKEY_CTX *ctx = NULL; + + st_logf("Sign\n"); + VERIFY_SESSION_HANDLE(hSession, &state); +@@ -1822,40 +1793,6 @@ C_Sign(CK_SESSION_HANDLE hSession, + return CKR_ARGUMENTS_BAD; + } + +- rsa = EVP_PKEY_get0_RSA(o->u.private_key.key); +- +- if (rsa == NULL) +- return CKR_ARGUMENTS_BAD; +- +- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */ +- +- buffer_len = RSA_size(rsa); +- +- buffer = malloc(buffer_len); +- if (buffer == NULL) { +- ret = CKR_DEVICE_MEMORY; +- goto out; +- } +- +- switch(state->sign_mechanism->mechanism) { +- case CKM_RSA_PKCS: +- padding = RSA_PKCS1_PADDING; +- padding_len = RSA_PKCS1_PADDING_SIZE; +- break; +- case CKM_RSA_X_509: +- padding = RSA_NO_PADDING; +- padding_len = 0; +- break; +- default: +- ret = CKR_FUNCTION_NOT_SUPPORTED; +- goto out; +- } +- +- if ((CK_ULONG)buffer_len < ulDataLen + padding_len) { +- ret = CKR_ARGUMENTS_BAD; +- goto out; +- } +- + if (pulSignatureLen == NULL) { + st_logf("signature len NULL\n"); + ret = CKR_ARGUMENTS_BAD; +@@ -1868,26 +1805,46 @@ C_Sign(CK_SESSION_HANDLE hSession, + goto out; + } + +- len = RSA_private_encrypt(ulDataLen, pData, buffer, rsa, padding); +- st_logf("private encrypt done\n"); +- if (len <= 0) { ++ switch(state->sign_mechanism->mechanism) { ++ case CKM_RSA_PKCS: ++ padding = RSA_PKCS1_PADDING; ++ break; ++ case CKM_RSA_X_509: ++ padding = RSA_NO_PADDING; ++ break; ++ default: ++ ret = CKR_FUNCTION_NOT_SUPPORTED; ++ goto out; ++ } ++ ++ ctx = EVP_PKEY_CTX_new(o->u.private_key.key, NULL); ++ if (ctx == NULL || EVP_PKEY_sign_init(ctx) <= 0 || ++ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 || ++ EVP_PKEY_sign(ctx, NULL, &buffer_len, pData, ulDataLen) <= 0) { + ret = CKR_DEVICE_ERROR; + goto out; + } +- if (len > buffer_len) +- abort(); + +- if (pSignature != NULL_PTR) +- memcpy(pSignature, buffer, len); +- *pulSignatureLen = len; ++ buffer = OPENSSL_malloc(buffer_len); ++ if (buffer == NULL) { ++ ret = CKR_DEVICE_MEMORY; ++ goto out; ++ } ++ ++ if (EVP_PKEY_sign(ctx, buffer, &buffer_len, pData, ulDataLen) <= 0) { ++ ret = CKR_DEVICE_ERROR; ++ goto out; ++ } ++ st_logf("Sign done\n"); ++ ++ if (pSignature != NULL) ++ memcpy(pSignature, buffer, buffer_len); ++ *pulSignatureLen = buffer_len; + + ret = CKR_OK; +- +- out: +- if (buffer) { +- memset(buffer, 0, buffer_len); +- free(buffer); +- } ++out: ++ OPENSSL_clear_free(buffer, buffer_len); ++ EVP_PKEY_CTX_free(ctx); + return ret; + } + +@@ -1951,10 +1908,9 @@ C_Verify(CK_SESSION_HANDLE hSession, + { + struct session_state *state; + struct st_object *o; +- void *buffer = NULL; + CK_RV ret; +- RSA *rsa; +- int padding, len, buffer_len; ++ int padding; ++ EVP_PKEY_CTX *ctx = NULL; + + st_logf("Verify\n"); + VERIFY_SESSION_HANDLE(hSession, &state); +@@ -1969,39 +1925,6 @@ C_Verify(CK_SESSION_HANDLE hSession, + return CKR_ARGUMENTS_BAD; + } + +- rsa = EVP_PKEY_get0_RSA(o->u.public_key); +- +- if (rsa == NULL) +- return CKR_ARGUMENTS_BAD; +- +- RSA_blinding_off(rsa); /* XXX RAND is broken while running in mozilla ? */ +- +- buffer_len = RSA_size(rsa); +- +- buffer = malloc(buffer_len); +- if (buffer == NULL) { +- ret = CKR_DEVICE_MEMORY; +- goto out; +- } +- +- ret = CKR_OK; +- switch(state->verify_mechanism->mechanism) { +- case CKM_RSA_PKCS: +- padding = RSA_PKCS1_PADDING; +- break; +- case CKM_RSA_X_509: +- padding = RSA_NO_PADDING; +- break; +- default: +- ret = CKR_FUNCTION_NOT_SUPPORTED; +- goto out; +- } +- +- if ((CK_ULONG)buffer_len < ulDataLen) { +- ret = CKR_ARGUMENTS_BAD; +- goto out; +- } +- + if (pSignature == NULL) { + st_logf("signature NULL\n"); + ret = CKR_ARGUMENTS_BAD; +@@ -2014,34 +1937,34 @@ C_Verify(CK_SESSION_HANDLE hSession, + goto out; + } + +- len = RSA_public_decrypt(ulDataLen, pData, buffer, rsa, padding); +- st_logf("private encrypt done\n"); +- if (len <= 0) { ++ switch(state->verify_mechanism->mechanism) { ++ case CKM_RSA_PKCS: ++ padding = RSA_PKCS1_PADDING; ++ break; ++ case CKM_RSA_X_509: ++ padding = RSA_NO_PADDING; ++ break; ++ default: ++ ret = CKR_FUNCTION_NOT_SUPPORTED; ++ goto out; ++ } ++ ++ ctx = EVP_PKEY_CTX_new(o->u.public_key, NULL); ++ if (ctx == NULL || EVP_PKEY_verify_init(ctx) <= 0 || ++ EVP_PKEY_CTX_set_rsa_padding(ctx, padding) <= 0 || ++ EVP_PKEY_verify(ctx, pSignature, ulSignatureLen, pData, ++ ulDataLen) <= 0) { + ret = CKR_DEVICE_ERROR; + goto out; + } +- if (len > buffer_len) +- abort(); ++ st_logf("Verify done\n"); + +- if ((CK_ULONG)len != ulSignatureLen) { +- ret = CKR_GENERAL_ERROR; +- goto out; +- } +- +- if (memcmp(pSignature, buffer, len) != 0) { +- ret = CKR_GENERAL_ERROR; +- goto out; +- } +- +- out: +- if (buffer) { +- memset(buffer, 0, buffer_len); +- free(buffer); +- } ++ ret = CKR_OK; ++out: ++ EVP_PKEY_CTX_free(ctx); + return ret; + } + +- + CK_RV + C_VerifyUpdate(CK_SESSION_HANDLE hSession, + CK_BYTE_PTR pPart, +@@ -2072,7 +1995,6 @@ C_GenerateRandom(CK_SESSION_HANDLE hSession, + return CKR_FUNCTION_NOT_SUPPORTED; + } + +- + CK_FUNCTION_LIST funcs = { + { 2, 11 }, + C_Initialize, diff --git a/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch b/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch new file mode 100644 index 0000000..5473b5d --- /dev/null +++ b/SOURCES/Fix-some-principal-realm-canonicalization-cases.patch @@ -0,0 +1,97 @@ +From 8f70ad82a645ccb7fb1677d260baa5e4112890d4 Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Mon, 7 Jun 2021 13:27:29 -0400 +Subject: [PATCH] Fix some principal realm canonicalization cases + +The no_hostrealm and subst_defrealm flags in struct canonprinc were +only applied when dns_canonicalize_hostname=fallback; in the other +cases, the initial krb5_sname_to_principal() result is treated as +canonical. For no_hostrealm this limitation doesn't currently matter, +because all uses pass a principal with no realm as input. However, +subst_defrealm is used to convert the referral realm to the default +realm in krb5_get_init_creds_keytab(), krb5_cc_cache_match(), and +gss_acquire_cred() when it needs to check the desired name against a +specified ccache. + +In k5_canonprinc(), if the input principal is a +krb5_sname_to_principal() result and fallback isn't in effect, apply +subst_defrealm. Document in os-proto.h that no_hostrealm doesn't +remove an existing realm and that krb5_sname_to_principal() may +already have looked one up. + +ticket: 9011 (new) +(cherry picked from commit c077d0c6430c4ac163443aacc03d14d206a4cbb8) +(cherry picked from commit 5ae9bc98f23aeaa2ce17debe5a9b0cf1130e54ed) +--- + src/lib/krb5/os/os-proto.h | 13 +++++++++---- + src/lib/krb5/os/sn2princ.c | 24 +++++++++++++++++++++--- + 2 files changed, 30 insertions(+), 7 deletions(-) + +diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h +index 7d5e7978f..a985f2aec 100644 +--- a/src/lib/krb5/os/os-proto.h ++++ b/src/lib/krb5/os/os-proto.h +@@ -85,10 +85,15 @@ struct sendto_callback_info { + + /* + * Initialize with all zeros except for princ. Set no_hostrealm to disable +- * host-to-realm lookup, which ordinarily happens after canonicalizing the host +- * part. Set subst_defrealm to substitute the default realm for the referral +- * realm after realm lookup (this has no effect if no_hostrealm is set). Free +- * with free_canonprinc() when done. ++ * host-to-realm lookup, which ordinarily happens during fallback processing ++ * after canonicalizing the host part. Set subst_defrealm to substitute the ++ * default realm for the referral realm after realm lookup. Do not set both ++ * flags. Free with free_canonprinc() when done. ++ * ++ * no_hostrealm only applies if fallback processing is in use ++ * (dns_canonicalize_hostname = fallback). It will not remove the realm if ++ * krb5_sname_to_principal() already canonicalized the hostname and looked up a ++ * realm. subst_defrealm applies whether or not fallback processing is in use. + */ + struct canonprinc { + krb5_const_principal princ; +diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c +index c99b7da17..93c155932 100644 +--- a/src/lib/krb5/os/sn2princ.c ++++ b/src/lib/krb5/os/sn2princ.c +@@ -271,18 +271,36 @@ krb5_error_code + k5_canonprinc(krb5_context context, struct canonprinc *iter, + krb5_const_principal *princ_out) + { ++ krb5_error_code ret; + int step = ++iter->step; + + *princ_out = NULL; + +- /* If we're not doing fallback, the input principal is canonical. */ +- if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK || +- iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 || ++ /* If the hostname isn't from krb5_sname_to_principal(), the input ++ * principal is canonical. */ ++ if (iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 || + iter->princ->data[1].length == 0) { + *princ_out = (step == 1) ? iter->princ : NULL; + return 0; + } + ++ /* If we're not doing fallback, the hostname is canonical, but we may need ++ * to substitute the default realm. */ ++ if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK) { ++ if (step > 1) ++ return 0; ++ iter->copy = *iter->princ; ++ if (iter->subst_defrealm && iter->copy.realm.length == 0) { ++ ret = krb5_get_default_realm(context, &iter->realm); ++ if (ret) ++ return ret; ++ iter->copy = *iter->princ; ++ iter->copy.realm = string2data(iter->realm); ++ } ++ *princ_out = &iter->copy; ++ return 0; ++ } ++ + /* Canonicalize without DNS at step 1, with DNS at step 2. */ + if (step > 2) + return 0; diff --git a/SOURCES/Handle-OpenSSL-3-s-providers.patch b/SOURCES/Handle-OpenSSL-3-s-providers.patch new file mode 100644 index 0000000..d7b0d90 --- /dev/null +++ b/SOURCES/Handle-OpenSSL-3-s-providers.patch @@ -0,0 +1,301 @@ +From e3f3d31a3db23f6c8437cd0efe45f67a7f4fc6aa Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Sat, 15 May 2021 21:18:06 -0400 +Subject: [PATCH] Handle OpenSSL 3's providers + +OpenSSL 3 compartmentalizes what algorithms it uses, which for us means +another hoop to jump through to use dubious cryptography. (Right now, +we need to load "legacy" in order to access MD4 and RC4.) + +Use our normal initializer logic to set up providers both in the OpenSSL +provider an the PKINIT plugin. Since DT_FINI is too late, release them +using atexit() as OpenSSL does. + +(cherry picked from commit bea5a703a06da1f1ab56821b77a2d3661cb0dda4) +[rharwood@redhat.com: work around des3 removal and rc4 fips changes] +--- + src/configure.ac | 1 + + src/lib/crypto/openssl/enc_provider/aes.c | 16 ++++++ + .../crypto/openssl/enc_provider/camellia.c | 16 ++++++ + src/lib/crypto/openssl/enc_provider/rc4.c | 4 ++ + .../crypto/openssl/hash_provider/hash_evp.c | 5 ++ + src/lib/crypto/openssl/init.c | 53 +++++++++++++++++++ + src/plugins/preauth/pkinit/Makefile.in | 1 + + .../preauth/pkinit/pkinit_crypto_openssl.c | 33 ++++++++++-- + 8 files changed, 126 insertions(+), 3 deletions(-) + +diff --git a/src/configure.ac b/src/configure.ac +index 9c2e816fe..20066918b 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -284,6 +284,7 @@ AC_SUBST(CRYPTO_IMPL_LIBS) + + if test "$CRYPTO_IMPL" = openssl; then + AC_CHECK_FUNCS(EVP_KDF_fetch) ++ AC_CHECK_FUNCS(OSSL_PROVIDER_load) + fi + + AC_ARG_WITH([prng-alg], +diff --git a/src/lib/crypto/openssl/enc_provider/aes.c b/src/lib/crypto/openssl/enc_provider/aes.c +index 6b4622fe9..31c90a69d 100644 +--- a/src/lib/crypto/openssl/enc_provider/aes.c ++++ b/src/lib/crypto/openssl/enc_provider/aes.c +@@ -68,6 +68,10 @@ cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx; + struct iov_cursor cursor; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) + return ENOMEM; +@@ -102,6 +106,10 @@ cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx; + struct iov_cursor cursor; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) + return ENOMEM; +@@ -137,6 +145,10 @@ cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + struct iov_cursor cursor; + AES_KEY enck; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + memset(iv_cts,0,sizeof(iv_cts)); + if (ivec && ivec->data){ + if (ivec->length != sizeof(iv_cts)) +@@ -190,6 +202,10 @@ cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + struct iov_cursor cursor; + AES_KEY deck; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + memset(iv_cts,0,sizeof(iv_cts)); + if (ivec && ivec->data){ + if (ivec->length != sizeof(iv_cts)) +diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c +index f79679a0b..7cc7fc6fb 100644 +--- a/src/lib/crypto/openssl/enc_provider/camellia.c ++++ b/src/lib/crypto/openssl/enc_provider/camellia.c +@@ -92,6 +92,10 @@ cbc_enc(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx; + struct iov_cursor cursor; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) + return ENOMEM; +@@ -126,6 +130,10 @@ cbc_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx; + struct iov_cursor cursor; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + ctx = EVP_CIPHER_CTX_new(); + if (ctx == NULL) + return ENOMEM; +@@ -161,6 +169,10 @@ cts_encr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + struct iov_cursor cursor; + CAMELLIA_KEY enck; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + memset(iv_cts,0,sizeof(iv_cts)); + if (ivec && ivec->data){ + if (ivec->length != sizeof(iv_cts)) +@@ -214,6 +226,10 @@ cts_decr(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, + struct iov_cursor cursor; + CAMELLIA_KEY deck; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + memset(iv_cts,0,sizeof(iv_cts)); + if (ivec && ivec->data){ + if (ivec->length != sizeof(iv_cts)) +diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c +index 9bf407899..a10cb5192 100644 +--- a/src/lib/crypto/openssl/enc_provider/rc4.c ++++ b/src/lib/crypto/openssl/enc_provider/rc4.c +@@ -66,6 +66,10 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx = NULL; + struct arcfour_state *arcstate; + ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; ++ + if (FIPS_mode()) + return KRB5_CRYPTO_INTERNAL; + +diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c +index 2eb5139c0..09d7b3896 100644 +--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c ++++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c +@@ -41,6 +41,11 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data, + const krb5_data *d; + size_t i; + int ok; ++ krb5_error_code ret; ++ ++ ret = krb5int_crypto_init(); ++ if (ret) ++ return ret; + + if (output->length != (unsigned int)EVP_MD_size(type)) + return KRB5_CRYPTO_INTERNAL; +diff --git a/src/lib/crypto/openssl/init.c b/src/lib/crypto/openssl/init.c +index 1139bce53..f72dbfe81 100644 +--- a/src/lib/crypto/openssl/init.c ++++ b/src/lib/crypto/openssl/init.c +@@ -26,12 +26,65 @@ + + #include "crypto_int.h" + ++#ifdef HAVE_OSSL_PROVIDER_LOAD ++ ++/* ++ * Starting in OpenSSL 3, algorithms are grouped into containers called ++ * "providers", not all of which are loaded by default. At time of writing, ++ * we need MD4 and RC4 from the legacy provider. Oddly, 3DES is not in ++ * legacy. ++ */ ++ ++#include ++ ++static OSSL_PROVIDER *legacy_provider = NULL; ++static OSSL_PROVIDER *default_provider = NULL; ++ ++static void ++unload_providers(void) ++{ ++ if (default_provider != NULL) ++ (void)OSSL_PROVIDER_unload(default_provider); ++ if (legacy_provider != NULL) ++ (void)OSSL_PROVIDER_unload(legacy_provider); ++ default_provider = NULL; ++ legacy_provider = NULL; ++} ++ ++int ++krb5int_crypto_impl_init(void) ++{ ++ legacy_provider = OSSL_PROVIDER_load(NULL, "legacy"); ++ default_provider = OSSL_PROVIDER_load(NULL, "default"); ++ ++ /* ++ * Someone might build openssl without the legacy provider. They will ++ * have a bad time, but some things will still work. I don't know think ++ * this configuration is worth supporting. ++ */ ++ if (legacy_provider == NULL || default_provider == NULL) ++ abort(); ++ ++ /* ++ * If we attempt to do this with our normal LIBFINIFUNC logic (DT_FINI), ++ * OpenSSL will have cleaned itself up by the time we're invoked. OpenSSL ++ * registers its cleanup (OPENSSL_cleanup) with atexit() - do the same and ++ * we'll be higher on the stack. ++ */ ++ atexit(unload_providers); ++ return 0; ++} ++ ++#else /* !HAVE_OSSL_PROVIDER_LOAD */ ++ + int + krb5int_crypto_impl_init(void) + { + return 0; + } + ++#endif ++ + void + krb5int_crypto_impl_cleanup(void) + { +diff --git a/src/plugins/preauth/pkinit/Makefile.in b/src/plugins/preauth/pkinit/Makefile.in +index 15ca0eb48..d20fb18a8 100644 +--- a/src/plugins/preauth/pkinit/Makefile.in ++++ b/src/plugins/preauth/pkinit/Makefile.in +@@ -5,6 +5,7 @@ MODULE_INSTALL_DIR = $(KRB5_PA_MODULE_DIR) + LIBBASE=pkinit + LIBMAJOR=0 + LIBMINOR=0 ++LIBINITFUNC=pkinit_openssl_init + RELDIR=../plugins/preauth/pkinit + # Depends on libk5crypto and libkrb5 + SHLIB_EXPDEPS = \ +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +index 350c2118a..42e5c581d 100644 +--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c ++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +@@ -44,6 +44,13 @@ + #include + #endif + ++#ifdef HAVE_OSSL_PROVIDER_LOAD ++#include ++ ++static OSSL_PROVIDER *legacy_provider = NULL; ++static OSSL_PROVIDER *default_provider = NULL; ++#endif ++ + static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context ); + static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ); + +@@ -2937,12 +2944,32 @@ cleanup: + return retval; + } + ++/* pkinit_openssl_init() and unload_providers() are largely duplicated from ++ * lib/crypto/openssl/init.c - see explanations there. */ ++static void ++unload_providers(void) ++{ ++ if (default_provider != NULL) ++ (void)OSSL_PROVIDER_unload(default_provider); ++ if (legacy_provider != NULL) ++ (void)OSSL_PROVIDER_unload(legacy_provider); ++ default_provider = NULL; ++ legacy_provider = NULL; ++} ++ + int + pkinit_openssl_init() + { +- /* Initialize OpenSSL. */ +- ERR_load_crypto_strings(); +- OpenSSL_add_all_algorithms(); ++#ifdef HAVE_OSSL_PROVIDER_LOAD ++ legacy_provider = OSSL_PROVIDER_load(NULL, "legacy"); ++ default_provider = OSSL_PROVIDER_load(NULL, "default"); ++ ++ if (legacy_provider == NULL || default_provider == NULL) ++ abort(); ++ ++ atexit(unload_providers); ++#endif ++ + return 0; + } + diff --git a/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch b/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch new file mode 100644 index 0000000..b4ef05b --- /dev/null +++ b/SOURCES/Make-KCM-iteration-fallback-work-with-sssd-kcm.patch @@ -0,0 +1,27 @@ +From 68a557557ab8a3208fab8a70daf4d970b9fc4787 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavel=20B=C5=99ezina?= +Date: Tue, 30 Mar 2021 14:35:28 +0200 +Subject: [PATCH] Make KCM iteration fallback work with sssd-kcm + +sssd-kcm returns KRB5_CC_IO if the operation code is not known. + +ticket: 8990 +(cherry picked from commit 06afae820a44c1dc96ad88a0b16c3e50bc938b2a) +(cherry picked from commit 2dbca7e14c945d6394e0e05f285a068dcd541295) +--- + src/lib/krb5/ccache/cc_kcm.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c +index 1f81a2190..46705f1da 100644 +--- a/src/lib/krb5/ccache/cc_kcm.c ++++ b/src/lib/krb5/ccache/cc_kcm.c +@@ -876,7 +876,7 @@ kcm_start_seq_get(krb5_context context, krb5_ccache cache, + ret = kcmreq_get_cred_list(&req, &creds); + if (ret) + goto cleanup; +- } else if (ret == KRB5_FCC_INTERNAL) { ++ } else if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) { + /* Fall back to GET_CRED_UUID_LIST. */ + kcmreq_free(&req); + kcmreq_init(&req, KCM_OP_GET_CRED_UUID_LIST, cache); diff --git a/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch b/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch new file mode 100644 index 0000000..aba67b9 --- /dev/null +++ b/SOURCES/Move-some-dejagnu-kadmin-tests-to-Python-tests.patch @@ -0,0 +1,1751 @@ +From d467303bd7c5dba858b0af30349ce796cebd193f Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Thu, 22 Apr 2021 15:51:36 -0400 +Subject: [PATCH] Move some dejagnu kadmin tests to Python tests + +Remove the dejagnu scripts kadmin.exp, pwchange.exp, and pwhist.exp. + +Add a new Python test script t_kadmin.py for the miscellaneous kadmin +tests from kadmin.exp. + +In t_changepw.py, use modprinc +needchange for one of the kinit +password change tests to gain the same coverage as pwchange.exp had, +and add the "password changes are usable by kinit" tests from +kadmin.exp. + +In t_policy.py, add the ticket 929 regression tests from kadmin.exp +and the ticket 2841 regression tests from pwhist.exp. + +(cherry picked from commit 8027531caf6911bb07bf13de087da0e6bef5a348) +(cherry picked from commit 9b3d8b9c395bf1a889ea6d6439dc3543c680480d) +--- + src/tests/Makefile.in | 1 + + src/tests/dejagnu/krb-standalone/kadmin.exp | 1133 ----------------- + src/tests/dejagnu/krb-standalone/pwchange.exp | 145 --- + src/tests/dejagnu/krb-standalone/pwhist.exp | 217 ---- + src/tests/t_changepw.py | 34 +- + src/tests/t_kadmin.py | 54 + + src/tests/t_policy.py | 62 + + 7 files changed, 143 insertions(+), 1503 deletions(-) + delete mode 100644 src/tests/dejagnu/krb-standalone/kadmin.exp + delete mode 100644 src/tests/dejagnu/krb-standalone/pwchange.exp + delete mode 100644 src/tests/dejagnu/krb-standalone/pwhist.exp + create mode 100644 src/tests/t_kadmin.py + +diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in +index 6b7749129..ab416cc5f 100644 +--- a/src/tests/Makefile.in ++++ b/src/tests/Makefile.in +@@ -147,6 +147,7 @@ check-pytests: unlockiter s4u2self + $(RUNPYTEST) $(srcdir)/t_referral.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_skew.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_keytab.py $(PYTESTFLAGS) ++ $(RUNPYTEST) $(srcdir)/t_kadmin.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_kadmin_acl.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_kadmin_parsing.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_kdb.py $(PYTESTFLAGS) +diff --git a/src/tests/dejagnu/krb-standalone/kadmin.exp b/src/tests/dejagnu/krb-standalone/kadmin.exp +deleted file mode 100644 +index fa50a61fb..000000000 +--- a/src/tests/dejagnu/krb-standalone/kadmin.exp ++++ /dev/null +@@ -1,1133 +0,0 @@ +-# Kerberos kadmin test. +-# This is a DejaGnu test script. +-# This script tests Kerberos kadmin5 using kadmin.local as verification. +- +-#++ +-# kadmin_add - Test add new v5 principal function of kadmin. +-# +-# Adds principal $pname with password $password. Returns 1 on success. +-#-- +-proc kadmin_add { pname password } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- set good 0 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin add $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin add $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin add $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*:" { +- send "adminpass$KEY\r" +- } +- expect "Enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" } +- expect "Re-enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" } +- expect "Principal \"$pname@$REALMNAME\" created." { set good 1 } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin add)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- # +- # use kadmin.local to verify that a principal was created and that its +- # salt types are 0 (normal). +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin add $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin add $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local: " { send "getprinc $pname\r" } +- expect "Principal: $pname@$REALMNAME" { set good 1 } +- expect "Expiration date:" { verbose "got expiration date" } +- expect "Last password change:" { verbose "got last pwchange" } +- expect "Password expiration date:" { verbose "got pwexpire date" } +- expect "Maximum ticket life:" { verbose "got max life" } +- expect "Maximum renewable life:" { verbose "got max rlife" } +- expect "Last modified:" { verbose "got last modified" } +- expect "Last successful authentication:" { verbose "last succ auth" } +- expect "Last failed authentication:" { verbose "last pw failed" } +- expect "Failed password attempts:" { verbose "num failed attempts" } +- expect "Number of keys:" { verbose "num keys"} +- expect { +- "Key: " { verbose "Key listed" +- exp_continue +- } +- "Attributes:" { verbose "attributes" } +- } +- expect "kadmin.local: " { send "q\r" } +- +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- pass "kadmin add $pname" +- return 1 +- } +- else { +- fail "kadmin add $pname" +- return 0 +- } +- } +- else { +- fail "kadmin add $pname" +- return 0 +- } +-} +- +-#++ +-# kadmin_add_rnd - Test add new v5 principal with random key function. +-# +-# Adds principal $pname with random key. Returns 1 on success. +-#-- +-proc kadmin_add_rnd { pname { flags "" } } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- set good 0 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "ank -randkey $flags $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin add rnd $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin add_rnd $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin add_rnd $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect "Principal \"$pname@$REALMNAME\" created." { set good 1 } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin add_rnd)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- # +- # use kadmin.local to verify that a principal was created and that its +- # salt types are 0 (normal). +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin add_rnd $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin add_rnd $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local:" { send "getprinc $pname\r" } +- expect "Principal: $pname@$REALMNAME" { set good 1 } +- expect "kadmin.local:" { send "q\r" } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- pass "kadmin add_rnd $pname" +- return 1 +- } +- else { +- fail "kadmin add_rnd $pname" +- return 0 +- } +- } +- else { +- fail "kadmin add_rnd $pname" +- return 0 +- } +-} +- +-#++ +-# kadmin_show - Test show principal function of kadmin. +-# +-# Retrieves entry for $pname. Returns 1 on success. +-#-- +-proc kadmin_show { pname } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_principal $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin show $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin show $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin show $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" +- send "adminpass$KEY\r" +- expect -re "\r.*Principal: $pname@$REALMNAME.*Key: .*Attributes:.*Policy: .*\r" +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin show)" +- catch "close -i $spawn_id" +- pass "kadmin show $pname" +- return 1 +-} +- +-#++ +-# kadmin_cpw - Test change password function of kadmin +-# +-# Change password of $pname to $password. Returns 1 on success. +-#-- +-proc kadmin_cpw { pname password } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "cpw $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin cpw $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin cpw $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin cpw $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- +- expect "Enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" } +- expect "Re-enter password for principal \"$pname@$REALMNAME\":" { send "$password\r" } +- # When in doubt, jam one of these in there. +- expect "\r" +- expect "Password for \"$pname@$REALMNAME\" changed." +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin cpw)" +- catch "close -i $spawn_id" +- pass "kadmin cpw $pname" +- return 1 +-} +- +-#++ +-# kadmin_cpw_rnd - Test change random key function of kadmin. +-# +-# Changes principal $pname's key to a new random key. Returns 1 on success. +-#-- +-proc kadmin_cpw_rnd { pname } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "cpw -randkey $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin cpw_rnd $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin cpw_rnd $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin cpw_rnd $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- # When in doubt, jam one of these in there. +- expect "\r" +- expect "Key for \"$pname@$REALMNAME\" randomized." +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin cpw_rnd)" +- catch "close -i $spawn_id" +- pass "kadmin cpw_rnd $pname" +- return 1 +-} +- +-#++ +-# kadmin_modify - Test modify principal function of kadmin. +-# +-# Modifies principal $pname with flags $flags. Returns 1 on success. +-#-- +-proc kadmin_modify { pname flags } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "modprinc $flags $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin modify $pname ($flags) lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin modify $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin modify $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" +- send "adminpass$KEY\r" +- # When in doubt, jam one of these in there. +- expect "\r" +- expect "Principal \"$pname@$REALMNAME\" modified." +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin modify)" +- catch "close -i $spawn_id" +- pass "kadmin modify $pname" +- return 1 +-} +- +- +-#++ +-# kadmin_list - Test list database function of kadmin. +-# +-# Lists the database and verifies that output matches regular expression +-# "(.*@$REALMNAME)*". Returns 1 on success. +-#-- +-proc kadmin_list { } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- # "*" would match everything +- # "*n" should match a few like kadmin/admin but see ticket 5667 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_principals *n" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin ldb lost KDC" +- catch "expect_after" +- return 0 +- } +- "Communication failure" { +- fail "kadmin ldb got RPC error" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin ldb" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin ldb" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect -re "\(.*@$REALMNAME\r\n\)+" +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin list)" +- catch "close -i $spawn_id" +- pass "kadmin ldb" +- return 1 +-} +- +-#++ +-# kadmin_extract - Test extract service key function of kadmin. +-# +-# Extracts service key for service name $name instance $instance. Returns +-# 1 on success. +-#-- +-proc kadmin_extract { instance name } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- global tmppwd +- +- catch "exec rm -f $tmppwd/keytab" +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "xst -k $tmppwd/keytab $name/$instance" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin xst $instance $name lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin xst $instance $name" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin xst $instance $name" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin xst)" +- catch "close -i $spawn_id" +- catch "exec rm -f $instance-new-keytab" +- pass "kadmin xst $instance $name" +- return 1 +-} +- +-#++ +-# kadmin_delete - Test delete principal function of kadmin. +-# +-# Deletes principal $pname. Returns 1 on success. +-#-- +-proc kadmin_delete { pname } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- set good 0 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delprinc -force $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin_delete $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect "Principal \"$pname@$REALMNAME\" deleted." { set good 1 } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin delprinc)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- # +- # use kadmin.local to verify that the old principal is not present. +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local: " { send "getprinc $pname\r" } +- expect "Principal does not exist while retrieving \"$pname@$REALMNAME\"." { set good 1 } +- expect "kadmin.local: " { send "quit\r" } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- pass "kadmin delprinc $pname" +- return 1 +- } +- else { +- fail "kadmin delprinc $pname" +- return 0 +- } +- } +- else { +- fail "kadmin delprinc $pname" +- return 0 +- } +-} +- +-#++ +-# kadmin_delete - Test delete principal function of kadmin. +-# +-# Deletes principal $pname. Returns 1 on success. +-#-- +-proc kadmin_delete_locked_down { pname } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- # +- # First test that we fail, then unlock and retry +- # +- +- set good 0 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delprinc -force $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin_delete $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect "delete_principal: Operation requires ``delete'' privilege while deleting principal \"$pname@$REALMNAME\"" { set good 1 } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin delprinc)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- # +- # use kadmin.local to remove lockdown. +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delprinc $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local: " { send "modprinc -lockdown_keys $pname\r" } +- expect "Principal \"$pname@$REALMNAME\" modified." { set good 1 } +- expect "kadmin.local: " { send "quit\r" } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local show)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- set good 0 +- if {[kadmin_delete $pname]} { set good 1 } +- } +- if { $good == 1 } { +- pass "kadmin delprinc $pname" +- return 1 +- } +- else { +- fail "kadmin delprinc $pname" +- return 0 +- } +- } +- else { +- fail "kadmin delprinc $pname" +- return 0 +- } +-} +- +-#++ +-# kpasswd_cpw - Test password changing using kpasswd. +-# +-# Change $princ's password from $opw to $npw. Returns 1 on success. +-#-- +-proc kpasswd_cpw { princ opw npw } { +- global KPASSWD +- global REALMNAME +- +- spawn $KPASSWD $princ +- expect_after { +- timeout { +- fail "kpasswd $princ $npw" +-# catch "expect_after" +- return 0 +- } +- eof { +- fail "kpasswd $princ $npw" +-# catch "expect_after" +- return 0 +- } +- } +- +-# expect "Changing password for $princ." +-# expect "Old password:" { send "$opw\r" } +-# expect "New password:" { send "$npw\r" } +-# expect "New password (again):" { send "$npw\r" } +- expect "Password for $princ@$REALMNAME:" { send "$opw\r" } +- expect "Enter new password:" { send "$npw\r" } +- expect "Enter it again:" { send "$npw\r" } +-# expect "Kerberos password changed." +- expect "Password changed." +- expect_after +- expect eof +- +- if ![check_exit_status "kpasswd"] { +- fail "kpasswd $princ $npw" +- return 0 +- } +- pass "kpasswd $princ $npw" +- return 1 +-} +- +-#++ +-# kadmin_addpol - Test add new policy function of kadmin. +-# +-# Adds policy $pname. Returns 1 on success. +-#-- +-proc kadmin_addpol { pname } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- set good 0 +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "addpol $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin addpol $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin addpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin addpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin addpol)" +- catch "close -i $spawn_id" +- # +- # use kadmin.local to verify that a policy was created +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin addpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin addpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local: " { send "getpol $pname\r" } +- expect "Policy: $pname" { set good 1 } +- expect "Maximum password life:" { verbose "got max pw life" } +- expect "Minimum password life:" { verbose "got min pw life" } +- expect "Minimum password length:" { verbose "got min pw length" } +- expect "Minimum number of password character classes:" { +- verbose "got min pw character classes" } +- expect "Number of old keys kept:" { verbose "got num old keys kept" } +- expect "kadmin.local: " { send "q\r" } +- +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local showpol)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- pass "kadmin addpol $pname" +- return 1 +- } +- else { +- fail "kadmin addpol $pname" +- return 0 +- } +-} +- +-#++ +-# kadmin_delpol - Test delete policy function of kadmin. +-# +-# Deletes policy $pname. Returns 1 on success. +-#-- +-proc kadmin_delpol { pname } { +- global REALMNAME +- global KADMIN +- global KADMIN_LOCAL +- global KEY +- global spawn_id +- global tmppwd +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "delpol -force $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin_delpol $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin delpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin delpol)" +- catch "close -i $spawn_id" +- # +- # use kadmin.local to verify that the old policy is not present. +- # +- envstack_push +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -r $REALMNAME +- envstack_pop +- expect_after { +- -i $spawn_id +- timeout { +- fail "kadmin delpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin delpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- set good 0 +- expect "kadmin.local: " { send "getpol $pname\r" } +- expect "Policy does not exist while retrieving policy \"$pname\"." { +- set good 1 +- } +- expect "kadmin.local: " { send "quit\r" } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin.local showpol)" +- catch "close -i $spawn_id" +- if { $good == 1 } { +- pass "kadmin delpol $pname" +- return 1 +- } +- else { +- fail "kadmin delpol $pname" +- return 0 +- } +-} +- +-#++ +-# kadmin_listpols - Test list policy database function of kadmin. +-# +-# Lists the policies. Returns 1 on success. +-#-- +-proc kadmin_listpols { } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_policies *" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin lpols lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin lpols" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin lpols" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" { +- send "adminpass$KEY\r" +- } +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin listpols)" +- catch "close -i $spawn_id" +- pass "kadmin lpols" +- return 1 +-} +- +-#++ +-# kadmin_modpol - Test modify policy function of kadmin. +-# +-# Modifies policy $pname with flags $flags. Returns 1 on success. +-#-- +-proc kadmin_modpol { pname flags } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "modpol $flags $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin modpol $pname ($flags) lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin modpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin modpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" +- send "adminpass$KEY\r" +- # When in doubt, jam one of these in there. +- expect "\r" +- # Sadly, kadmin doesn't print a confirmation message for policy operations. +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin modpol)" +- catch "close -i $spawn_id" +- pass "kadmin modpol $pname" +- return 1 +-} +- +-#++ +-# kadmin_showpol - Test show policy function of kadmin. +-# +-# Retrieves entry for $pname. Returns 1 on success. +-#-- +-proc kadmin_showpol { pname } { +- global REALMNAME +- global KADMIN +- global KEY +- global spawn_id +- +- spawn $KADMIN -p krbtest/admin@$REALMNAME -q "get_policy $pname" +- expect_after { +- "Cannot contact any KDC" { +- fail "kadmin showpol $pname lost KDC" +- catch "expect_after" +- return 0 +- } +- timeout { +- fail "kadmin showpol $pname" +- catch "expect_after" +- return 0 +- } +- eof { +- fail "kadmin showpol $pname" +- catch "expect_after" +- return 0 +- } +- } +- expect -re "assword\[^\r\n\]*: *" +- send "adminpass$KEY\r" +- expect -re "\r.*Policy: $pname.*Number of old keys kept: .*\r" +- expect_after +- expect eof +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin showpol)" +- catch "close -i $spawn_id" +- pass "kadmin showpol $pname" +- return 1 +-} +- +-#++ +-# kdestroy +-#-- +-proc kdestroy { } { +- global KDESTROY +- +- spawn $KDESTROY -5 +- if ![check_exit_status "kdestroy"] { +- return 0 +- } +- return 1 +-} +- +-# Wrap the tests in a procedure, so that we can kill the daemons if +-# we get some sort of error. +- +-proc kadmin_test { } { +- global hostname +- +- # Start up the kerberos and kadmind daemons +- if {![start_kerberos_daemons 0] } { +- return +- } +- +- # Test basic kadmin functions. +- if {![kadmin_add v5principal/instance1 v5principal] \ +- || ![kadmin_addpol standardpol] \ +- || ![kadmin_showpol standardpol] \ +- || ![kadmin_listpols] \ +- || ![kadmin_modpol standardpol "-minlength 5"] \ +- || ![kadmin_add v4principal/instance2 v4principal] \ +- || ![kadmin_add_rnd v5random] \ +- || ![kadmin_show v5principal/instance1] \ +- || ![kadmin_show v4principal/instance2] \ +- || ![kadmin_show v5random] \ +- || ![kadmin_cpw v5principal/instance1 faroutman] \ +- || ![kadmin_cpw v4principal/instance2 honkydory] \ +- || ![kadmin_cpw_rnd v5random] \ +- || ![kadmin_modify v5random -allow_tix] \ +- || ![kadmin_modify v5random +allow_tix] \ +- || ![kadmin_modify v5random "-policy standardpol"] \ +- || ![kadmin_list] \ +- || ![kadmin_extract instance1 v5principal] \ +- || ![kadmin_delete v5random] \ +- || ![kadmin_delete v4principal/instance2] \ +- || ![kadmin_delete v5principal/instance1] \ +- || ![kadmin_delpol standardpol]} { +- return +- } +- +-# You cannot extract a v4 key... +-# || ![kadmin_extractv4 instance2 v4principal] \ +- +- # now test kpasswd +- if {![kadmin_add testprinc/instance thisisatest] \ +- || ![kpasswd_cpw testprinc/instance thisisatest anothertest] \ +- || ![kpasswd_cpw testprinc/instance anothertest goredsox] \ +- || ![kadmin_delete testprinc/instance]} { +- return +- } +- +- # now test that we can kinit with principals/passwords. +- # We defer kdestroying until after kpasswd at least once to test FAST automatic use in kpasswd +- if {![kadmin_add testprinc1/instance thisisatest] \ +- || ![kinit testprinc1/instance thisisatest 0] \ +- || ![kpasswd_cpw testprinc1/instance thisisatest anothertest] \ +- || ![kdestroy] \ +- || ![kinit testprinc1/instance anothertest 0] \ +- || ![kdestroy] \ +- || ![kpasswd_cpw testprinc1/instance anothertest goredsox] \ +- || ![kinit testprinc1/instance goredsox 0] \ +- || ![kdestroy] \ +- || ![kadmin_cpw testprinc1/instance betterwork] \ +- || ![kinit testprinc1/instance betterwork 0] \ +- || ![kdestroy] \ +- || ![kadmin_delete testprinc1/instance]} { +- return +- } +- +- # now test modify changes. +- if {![kadmin_add testuser longtestpw] \ +- || ![kinit testuser longtestpw 0] \ +- || ![kdestroy] \ +- || ![kadmin_modify testuser "-maxlife \"2500 seconds\""] \ +- || ![kinit testuser longtestpw 0] \ +- || ![kdestroy] \ +- || ![kadmin_delete testuser]} { +- return +- } +- +- # now test that reducing the history number doesn't make kadmind vulnerable. +- if {![kadmin_addpol crashpol] \ +- || ![kadmin_modpol crashpol "-history 5"] \ +- || ![kadmin_add crash first] \ +- || ![kadmin_modify crash "-policy crashpol"] \ +- || ![kadmin_cpw crash second] \ +- || ![kadmin_cpw crash third] \ +- || ![kadmin_cpw crash fourth] \ +- || ![kadmin_modpol crashpol "-history 3"] \ +- || ![kadmin_cpw crash fifth] \ +- || ![kadmin_delete crash] \ +- || ![kadmin_delpol crashpol]} { +- return +- } +- +- # test retrieval of large number of principals +- # bug [2877] +- for { set i 0 } { $i < 200 } { incr i } { +- if { ![kadmin_add "foo$i" foopass] } { +- return +- } +- } +- +- if { ![kadmin_list] } { +- return +- } +- +- # test fallback to kadmin/hostname +- if {![kadmin_add_rnd kadmin/$hostname] \ +- || ![kadmin_delete_locked_down kadmin/admin] \ +- || ![kadmin_list] \ +- || ![kadmin_add_rnd kadmin/admin -allow_tgs_req] \ +- || ![kadmin_list]} { +- return +- } +- +- verbose "kadmin_test succeeded" +-} +- +-run_once kadmin { +- # Set up the kerberos database. +- if {![get_hostname] \ +- || ![setup_kerberos_files] \ +- || ![setup_kerberos_env] \ +- || ![setup_kerberos_db 0]} { +- return +- } +- +- # Run the test. +- set status [catch kadmin_test msg] +- +- # Shut down the kerberos daemons and the rsh daemon. +- stop_kerberos_daemons +- +- if { $status != 0 } { +- send_error "ERROR: error in kadmin.exp\n" +- send_error "$msg\n" +- exit 1 +- } +-} +diff --git a/src/tests/dejagnu/krb-standalone/pwchange.exp b/src/tests/dejagnu/krb-standalone/pwchange.exp +deleted file mode 100644 +index 010e8344a..000000000 +--- a/src/tests/dejagnu/krb-standalone/pwchange.exp ++++ /dev/null +@@ -1,145 +0,0 @@ +-# Password-changing Kerberos test. +-# This is a DejaGnu test script. +- +-# We are about to start up a couple of daemon processes. We do all +-# the rest of the tests inside a proc, so that we can easily kill the +-# processes when the procedure ends. +- +-proc kinit_expecting_pwchange { name pass newpass } { +- global REALMNAME +- global KINIT +- global spawn_id +- +- # Use kinit to get a ticket. +- # +- # For now always get forwardable tickets. Later when we need to make +- # tests that distinguish between forwardable tickets and otherwise +- # we should but another option to this proc. --proven +- # +- spawn $KINIT -5 -f $name@$REALMNAME +- expect { +- "Password for $name@$REALMNAME:" { +- verbose "kinit started" +- } +- timeout { +- fail "kinit" +- return 0 +- } +- eof { +- fail "kinit" +- return 0 +- } +- } +- send "$pass\r" +- expect { +- "Enter new password: " { } +- timeout { +- fail "kinit (new password prompt)" +- return 0 +- } +- eof { +- fail "kinit (new password prompt)" +- return 0 +- } +- } +- send "$newpass\r" +- expect { +- " again: " { } +- timeout { +- fail "kinit (new password prompt2)" +- return 0 +- } +- eof { +- fail "kinit (new password prompt2)" +- return 0 +- } +- } +- send "$newpass\r" +- expect eof +- if ![check_exit_status kinit] { +- return 0 +- } +- +- return 1 +-} +- +-proc doit { } { +- global REALMNAME +- global KLIST +- global KDESTROY +- global KEY +- global KADMIN_LOCAL +- global KTUTIL +- global hostname +- global tmppwd +- global spawn_id +- global supported_enctypes +- global KRBIV +- global portbase +- global mode +- +- # Start up the kerberos and kadmind daemons. +- if ![start_kerberos_daemons 0] { +- return +- } +- +- # Use kadmin to add a key. +- if ![add_kerberos_key pwchanger 0] { +- return +- } +- +- setup_kerberos_env kdc +- spawn $KADMIN_LOCAL -q "modprinc +needchange pwchanger" +- catch expect_after +- expect { +- timeout { +- fail "kadmin.local modprinc +needchange" +- } +- eof { +- pass "kadmin.local modprinc +needchange" +- } +- } +- set k_stat [wait -i $spawn_id] +- verbose "wait -i $spawn_id returned $k_stat (kadmin modprinc +needchange)" +- catch "close -i $spawn_id" +- +- setup_kerberos_env client +- if ![kinit_expecting_pwchange pwchanger pwchanger$KEY floople] { +- return +- } +- pass "kinit (password change)" +- if ![kinit pwchanger floople 0] { +- return +- } +- pass "kinit (new password)" +- +- # Destroy the ticket. +- spawn $KDESTROY -5 +- if ![check_exit_status "kdestroy"] { +- return +- } +- pass "kdestroy" +-} +- +-run_once pwchange { +- # Set up the Kerberos files and environment. +- if {![get_hostname] || ![setup_kerberos_files] || ![setup_kerberos_env]} { +- return +- } +- +- # Initialize the Kerberos database. The argument tells +- # setup_kerberos_db that it is being called from here. +- if ![setup_kerberos_db 0] { +- return +- } +- +- set status [catch doit msg] +- +- stop_kerberos_daemons +- +- if { $status != 0 } { +- send_error "ERROR: error in pwchange.exp\n" +- send_error "$msg\n" +- exit 1 +- } +-} +diff --git a/src/tests/dejagnu/krb-standalone/pwhist.exp b/src/tests/dejagnu/krb-standalone/pwhist.exp +deleted file mode 100644 +index ed7a3771a..000000000 +--- a/src/tests/dejagnu/krb-standalone/pwhist.exp ++++ /dev/null +@@ -1,217 +0,0 @@ +-# password history tests +- +-# one *non-interactive* kadmin.local request +-proc onerq { rq pname str {flags ""} } { +- global REALMNAME +- global KADMIN_LOCAL +- +- spawn $KADMIN_LOCAL -r $REALMNAME -q "$rq $flags $pname" +- expect_after { +- timeout { +- verbose "kadmin.local $rq $flags $pname timed out" +- catch expect_after +- kill [exp_pid] +- close +- expect eof +- wait +- return 0 +- } eof { +- verbose "kadmin.local $rq $flags $pname got EOF" +- catch expect_after +- wait +- return 0 +- } +- } +- expect $str +- expect_after +- expect eof +- wait +- return 1 +-} +- +-proc addprinc { pname pw } { +- global REALMNAME +- +- return [onerq addprinc $pname \ +- "Principal \"$pname@$REALMNAME\" created." "-pw $pw"] +-} +- +-proc delprinc { pname } { +- global REALMNAME +- return [onerq delprinc $pname \ +- "Principal \"$pname@$REALMNAME\" deleted." "-force"] +-} +- +-proc cpw { pname pw } { +- global REALMNAME +- +- return [onerq cpw $pname \ +- "Password for \"$pname@$REALMNAME\" changed." "-pw $pw"] +-} +- +-proc modprinc { pname flags } { +- global REALMNAME +- +- return [onerq modprinc $pname \ +- "Principal \"$pname@$REALMNAME\" modified." $flags] +-} +- +-proc addpol { pname } { +- if ![onerq addpol $pname ""] { +- return 0 +- } +- return [onerq getpol $pname "Policy: $pname"] +-} +- +-proc delpol { pname } { +- onerq delpol $pname "" -force +- return [onerq getpol $pname \ +- "Policy does not exist while retrieving policy \"$pname\"."] +-} +- +-proc modpol { pname flags } { +- return [onerq modpol $pname "" $flags] +-} +- +-# Mandatory command must return true. +-# Issues a break in its parent on failure. +-proc mustrun { cmd } { +- if ![eval $cmd] { +- perror "mandatory command failed: $cmd" +- uplevel break +- } +-} +- +-# Fail test if command fails. +-# Issues a break in its parent on failure. +-proc chkpass { cmd } { +- upvar test test +- if ![eval $cmd] { +- verbose "unexpected failure: $cmd" +- fail $test +- uplevel break +- } +-} +- +-# Fail test if command succeeds. +-# Issues a break in its parent on failure. +-proc chkfail { cmd } { +- upvar test test +- if [eval $cmd] { +- verbose "unexpected success: $cmd" +- fail $test +- uplevel break +- } +-} +- +-# wrapper to run command (actually usually sequence of commands) +-# +-# If any part of CMD throws an exception, set failall, otherwise pass. +-# If failall is already true, report unresolved. +-proc wraptest { test cmd } { +- upvar failall failall +- if $failall { +- unresolved $test +- return +- } +- if [catch $cmd] { +- set failall 1 +- } else { +- pass $test +- } +-} +- +-run_once pwhist { +- # Set up the kerberos database. +- if {![get_hostname] \ +- || ![setup_kerberos_files] \ +- || ![setup_kerberos_env kdc] \ +- || ![setup_kerberos_db 0]} { +- return +- } +- +- set failall 0 +- wraptest "nkeys=1, nhist=3" { +- mustrun { addpol crashpol } +- mustrun { modpol crashpol "-history 3"} +- mustrun { addprinc crash 1111 } +- mustrun { modprinc crash "-policy crashpol" } +- chkpass { cpw crash 2222 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- } +- verbose {old_keys [ 1111 ->[] ]} +- +- # The following will result in reading/writing past array bounds if +- # add_to_history() is not patched. +- # +- # NOTE: A pass from this test does not mean the bug isn't present; +- # check with Purify, valgrind, etc. +- wraptest "array bounds ok on nkeys=1, nhist 3->2" { +- mustrun { modpol crashpol "-history 2" } +- chkpass { cpw crash 3333 } +- } +- verbose {old_keys [ ->2222 ]} +- +- wraptest "verify nhist=2" { +- mustrun { delprinc crash } +- mustrun { addprinc crash 1111 } +- mustrun { modprinc crash "-policy crashpol" } +- chkpass { cpw crash 2222 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- } +- verbose {old_keys [ ->1111 ]} +- +- # The following will fail if growing the history array causes an extra +- # key to be lost due to failure to shift entries. +- wraptest "grow nhist 2->3" { +- mustrun { modpol crashpol "-history 3" } +- chkpass { cpw crash 3333 } +- chkfail { cpw crash 3333 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- } +- verbose {old_keys [ 2222 ->1111 ]} +- +- wraptest "grow nhist 3->4" { +- mustrun { modpol crashpol "-history 4" } +- chkfail { cpw crash 3333 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- chkpass { cpw crash 4444 } +- chkfail { cpw crash 3333 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- } +- verbose {old_keys [ 2222 3333 ->1111 ]} +- wraptest "shrink nhist 4->3" { +- mustrun { modpol crashpol "-history 3" } +- chkfail { cpw crash 4444 } +- chkfail { cpw crash 3333 } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 1111 } +- chkpass { cpw crash 5555 } +- } +- verbose {old_keys [ 4444 ->3333 ]} +- wraptest "verify nhist=3" { +- chkfail { cpw crash 5555 } +- chkfail { cpw crash 4444 } +- chkfail { cpw crash 3333 } +- chkpass { cpw crash 2222 } +- } +- verbose {old_keys [ ->4444 5555 ]} +- wraptest "shrink nhist 3->2" { +- mustrun { modpol crashpol "-history 2" } +- chkfail { cpw crash 2222 } +- chkfail { cpw crash 5555 } +- chkfail { cpw crash 4444 } +- chkpass { cpw crash 3333 } +- } +- verbose {old_keys [ ->2222 ]} +- +- delprinc crash +- delpol crashpol +- +- stop_kerberos_daemons +-} +diff --git a/src/tests/t_changepw.py b/src/tests/t_changepw.py +index 573bdbd49..bf8e3a9eb 100755 +--- a/src/tests/t_changepw.py ++++ b/src/tests/t_changepw.py +@@ -1,23 +1,24 @@ + from k5test import * + +-# This file is intended to cover any password-changing mechanism. For +-# now it only contains a regression test for #7868. +- + realm = K5Realm(create_host=False, get_creds=False, start_kadmind=True) ++realm.prep_kadmin() + + # Mark a principal as expired and change its password through kinit. ++mark('password change via kinit') + realm.run([kadminl, 'modprinc', '-pwexpire', '1 day ago', 'user']) + pwinput = password('user') + '\nabcd\nabcd\n' + realm.run([kinit, realm.user_princ], input=pwinput) + +-# Do the same thing with FAST, with tracing turned on. +-realm.run([kadminl, 'modprinc', '-pwexpire', '1 day ago', 'user']) ++# Regression test for #7868 (preauth options ignored when ++# krb5_get_init_creds_password() initiates a password change). This ++# time use the REQUIRES_PWCHANGE bit instead of the password ++# expiration time. ++mark('password change via kinit with FAST') ++realm.run([kadminl, 'modprinc', '+needchange', 'user']) + pwinput = 'abcd\nefgh\nefgh\n' + out, trace = realm.run([kinit, '-T', realm.ccache, realm.user_princ], + input=pwinput, return_trace=True) +- +-# Read the trace and check that FAST was used when getting the +-# kadmin/changepw ticket. ++# Check that FAST was used when getting the kadmin/changepw ticket. + getting_changepw = fast_used_for_changepw = False + for line in trace.splitlines(): + if 'Getting initial credentials for user@' in line: +@@ -29,4 +30,21 @@ for line in trace.splitlines(): + if not fast_used_for_changepw: + fail('FAST was not used to get kadmin/changepw ticket') + ++# Test that passwords specified via kadmin and kpasswd are usable with ++# kinit. ++mark('password change usability by kinit') ++realm.run([kadminl, 'addprinc', '-pw', 'pw1', 'testprinc']) ++# Run kpasswd with an active cache to exercise automatic FAST use. ++realm.kinit('testprinc', 'pw1') ++realm.run([kpasswd, 'testprinc'], input='pw1\npw2\npw2\n') ++realm.kinit('testprinc', 'pw2') ++realm.run([kdestroy]) ++realm.run([kpasswd, 'testprinc'], input='pw2\npw3\npw3\n') ++realm.kinit('testprinc', 'pw3') ++realm.run([kdestroy]) ++realm.run_kadmin(['cpw', '-pw', 'pw4', 'testprinc']) ++realm.kinit('testprinc', 'pw4') ++realm.run([kdestroy]) ++realm.run([kadminl, 'delprinc', 'testprinc']) ++ + success('Password change tests') +diff --git a/src/tests/t_kadmin.py b/src/tests/t_kadmin.py +new file mode 100644 +index 000000000..fe6a3cc2e +--- /dev/null ++++ b/src/tests/t_kadmin.py +@@ -0,0 +1,54 @@ ++from k5test import * ++ ++realm = K5Realm(start_kadmind=True) ++ ++# Create a principal. Test -q option and keyboard entry of the admin ++# password and principal password. Verify creation with kadmin.local. ++realm.run([kadmin, '-q', 'addprinc princ/pw'], ++ input=password('admin') + '\npw1\npw1\n') ++realm.run([kadminl, 'getprinc', 'princ/pw'], ++ expected_msg='Principal: princ/pw@KRBTEST.COM') ++ ++# Run the remaining tests with a cache for efficiency. ++realm.prep_kadmin() ++ ++realm.run_kadmin(['addpol', 'standardpol']) ++realm.run_kadmin(['listpols'], expected_msg='standardpol') ++realm.run_kadmin(['modpol', '-minlength', '5', 'standardpol']) ++realm.run_kadmin(['getpol', 'standardpol'], ++ expected_msg='Minimum password length: 5') ++ ++realm.run_kadmin(['addprinc', '-randkey', 'princ/random']) ++realm.run([kadminl, 'getprinc', 'princ/random'], ++ expected_msg='Principal: princ/random@KRBTEST.COM') ++ ++realm.run_kadmin(['cpw', 'princ/pw'], input='newpw\nnewpw\n') ++realm.run_kadmin(['cpw', '-randkey', 'princ/random']) ++ ++realm.run_kadmin(['modprinc', '-allow_tix', 'princ/random']) ++realm.run_kadmin(['modprinc', '+allow_tix', 'princ/random']) ++realm.run_kadmin(['modprinc', '-policy', 'standardpol', 'princ/random']) ++ ++realm.run_kadmin(['listprincs'], expected_msg='princ/random@KRBTEST.COM') ++ ++realm.run_kadmin(['ktadd', 'princ/pw']) ++ ++realm.run_kadmin(['delprinc', 'princ/random']) ++realm.run([kadminl, 'getprinc', 'princ/random'], expected_code=1, ++ expected_msg='Principal does not exist') ++realm.run_kadmin(['delprinc', 'princ/pw']) ++realm.run([kadminl, 'getprinc', 'princ/pw'], expected_code=1, ++ expected_msg='Principal does not exist') ++ ++realm.run_kadmin(['delpol', 'standardpol']) ++realm.run([kadminl, 'getpol', 'standardpol'], expected_code=1, ++ expected_msg='Policy does not exist') ++ ++# Regression test for #2877 (fixed-sized GSSRPC buffers can't ++# accomodate large listprinc results). ++mark('large listprincs result') ++for i in range(200): ++ realm.run_kadmin(['addprinc', '-randkey', 'foo%d' % i]) ++realm.run_kadmin(['listprincs'], expected_msg='foo199') ++ ++success('kadmin and kpasswd tests') +diff --git a/src/tests/t_policy.py b/src/tests/t_policy.py +index 5a0c06b86..2bb4f5f18 100755 +--- a/src/tests/t_policy.py ++++ b/src/tests/t_policy.py +@@ -25,6 +25,68 @@ realm.run([kadminl, 'cpw', '-pw', 'l0ngenough', 'pwuser'], expected_code=1, + realm.run([kadminl, 'cpw', '-pw', '3rdpassword', 'pwuser']) + realm.run([kadminl, 'cpw', '-pw', 'l0ngenough', 'pwuser']) + ++# Regression test for #929 (kadmind crash with more historical ++# passwords in a principal entry than current policy history setting). ++mark('password history (policy value reduced below current array size)') ++realm.run([kadminl, 'addpol', '-history', '5', 'histpol']) ++realm.addprinc('histprinc', 'first') ++realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc']) ++realm.run([kadminl, 'cpw', '-pw', 'second', 'histprinc']) ++realm.run([kadminl, 'cpw', '-pw', 'third', 'histprinc']) ++realm.run([kadminl, 'cpw', '-pw', 'fourth', 'histprinc']) ++realm.run([kadminl, 'modpol', '-history', '3', 'histpol']) ++realm.run([kadminl, 'cpw', '-pw', 'fifth', 'histprinc']) ++realm.run([kadminl, 'delprinc', 'histprinc']) ++ ++# Regression test for #2841 (heap buffer overflow when policy history ++# value is reduced to match the number of historical passwords for a ++# principal). ++mark('password history (policy value reduced to current array size)') ++def histfail(*pwlist): ++ for pw in pwlist: ++ realm.run([kadminl, 'cpw', '-pw', pw, 'histprinc'], expected_code=1, ++ expected_msg='Cannot reuse password') ++realm.run([kadminl, 'modpol', '-history', '3', 'histpol']) ++realm.addprinc('histprinc', '1111') ++realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc']) ++realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc']) ++histfail('2222', '1111') ++realm.run([kadminl, 'modpol', '-history', '2', 'histpol']) ++realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc']) ++ ++# Test that the history array is properly resized if the policy ++# history value is increased after the array is filled. ++mark('password history (policy value increase)') ++realm.run([kadminl, 'delprinc', 'histprinc']) ++realm.addprinc('histprinc', '1111') ++realm.run([kadminl, 'modprinc', '-policy', 'histpol', 'histprinc']) ++realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc']) ++histfail('2222', '1111') ++realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc'], expected_code=1, ++ expected_msg='Cannot reuse password') ++realm.run([kadminl, 'cpw', '-pw', '1111', 'histprinc'], expected_code=1, ++ expected_msg='Cannot reuse password') ++realm.run([kadminl, 'modpol', '-history', '3', 'histpol']) ++realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc']) ++histfail('3333', '2222', '1111') ++realm.run([kadminl, 'modpol', '-history', '4', 'histpol']) ++histfail('3333', '2222', '1111') ++realm.run([kadminl, 'cpw', '-pw', '4444', 'histprinc']) ++histfail('4444', '3333', '2222', '1111') ++ ++# Test that when the policy history value is reduced, all currently ++# known old passwords still fail until the next password change, after ++# which the new number of old passwords fails (but no more). ++mark('password history (policy value reduction)') ++realm.run([kadminl, 'modpol', '-history', '3', 'histpol']) ++histfail('4444', '3333', '2222', '1111') ++realm.run([kadminl, 'cpw', '-pw', '5555', 'histprinc']) ++histfail('5555', '3333', '3333') ++realm.run([kadminl, 'cpw', '-pw', '2222', 'histprinc']) ++realm.run([kadminl, 'modpol', '-history', '2', 'histpol']) ++histfail('2222', '5555', '4444') ++realm.run([kadminl, 'cpw', '-pw', '3333', 'histprinc']) ++ + # Test references to nonexistent policies. + mark('nonexistent policy references') + realm.run([kadminl, 'addprinc', '-randkey', '-policy', 'newpol', 'newuser']) diff --git a/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch b/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch new file mode 100644 index 0000000..3c90b97 --- /dev/null +++ b/SOURCES/Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch @@ -0,0 +1,150 @@ +From c99ecf1bb49e2fbd0bf30a7b357cf06407b9588a Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Sat, 15 May 2021 18:04:58 -0400 +Subject: [PATCH] Remove deprecated OpenSSL calls from softpkcs11 + +Rewrite add_pubkey_info() in terms of the EVP_PKEY interface. In this +process, fix its unchecked allocations and fail fast for non-RSA keys. + +(cherry picked from commit d6bf42279675100e3e4fe7c6e08eef74d49624cb) +(cherry picked from commit 5072bfdfaddae762680d0f9d97afa6dbf8274760) +--- + src/configure.ac | 1 + + src/tests/softpkcs11/main.c | 106 ++++++++++++++++++++++++------------ + 2 files changed, 72 insertions(+), 35 deletions(-) + +diff --git a/src/configure.ac b/src/configure.ac +index 3e1052db7..eb6307468 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -1114,6 +1114,7 @@ int i = 1; + ])], k5_cv_openssl_version_okay=yes, k5_cv_openssl_version_okay=no)]) + old_LIBS="$LIBS" + AC_CHECK_LIB(crypto, PKCS7_get_signer_info) ++ AC_CHECK_FUNCS(EVP_PKEY_get_bn_param) + LIBS="$old_LIBS" + fi + if test "$k5_cv_openssl_version_okay" = yes && (test "$enable_pkinit" = yes || test "$enable_pkinit" = try); then +diff --git a/src/tests/softpkcs11/main.c b/src/tests/softpkcs11/main.c +index caa537b68..86b4ef711 100644 +--- a/src/tests/softpkcs11/main.c ++++ b/src/tests/softpkcs11/main.c +@@ -413,47 +413,83 @@ add_object_attribute(struct st_object *o, + return CKR_OK; + } + ++#ifdef HAVE_EVP_PKEY_GET_BN_PARAM ++ ++/* Declare owner pointers since EVP_PKEY_get_bn_param() gives us copies. */ ++#define DECLARE_BIGNUM(name) BIGNUM *name = NULL ++#define RELEASE_BIGNUM(bn) BN_clear_free(bn) + static CK_RV +-add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key) ++get_bignums(EVP_PKEY *key, BIGNUM **n, BIGNUM **e) + { +- switch (key_type) { +- case CKK_RSA: { +- CK_BYTE *modulus = NULL; +- size_t modulus_len = 0; +- CK_ULONG modulus_bits = 0; +- CK_BYTE *exponent = NULL; +- size_t exponent_len = 0; +- const RSA *rsa; +- const BIGNUM *n, *e; ++ if (EVP_PKEY_get_bn_param(key, "n", n) == 0 || ++ EVP_PKEY_get_bn_param(key, "e", e) == 0) ++ return CKR_DEVICE_ERROR; + +- rsa = EVP_PKEY_get0_RSA(key); +- RSA_get0_key(rsa, &n, &e, NULL); +- modulus_bits = BN_num_bits(n); +- +- modulus_len = BN_num_bytes(n); +- modulus = malloc(modulus_len); +- BN_bn2bin(n, modulus); +- +- exponent_len = BN_num_bytes(e); +- exponent = malloc(exponent_len); +- BN_bn2bin(e, exponent); +- +- add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len); +- add_object_attribute(o, 0, CKA_MODULUS_BITS, +- &modulus_bits, sizeof(modulus_bits)); +- add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, +- exponent, exponent_len); +- +- free(modulus); +- free(exponent); +- } +- default: +- /* XXX */ +- break; +- } + return CKR_OK; + } + ++#else ++ ++/* Declare const pointers since the old API gives us aliases. */ ++#define DECLARE_BIGNUM(name) const BIGNUM *name ++#define RELEASE_BIGNUM(bn) ++static CK_RV ++get_bignums(EVP_PKEY *key, const BIGNUM **n, const BIGNUM **e) ++{ ++ const RSA *rsa; ++ ++ rsa = EVP_PKEY_get0_RSA(key); ++ RSA_get0_key(rsa, n, e, NULL); ++ ++ return CKR_OK; ++} ++ ++#endif ++ ++static CK_RV ++add_pubkey_info(struct st_object *o, CK_KEY_TYPE key_type, EVP_PKEY *key) ++{ ++ CK_BYTE *modulus = NULL, *exponent = 0; ++ size_t modulus_len = 0, exponent_len = 0; ++ CK_ULONG modulus_bits = 0; ++ CK_RV ret; ++ DECLARE_BIGNUM(n); ++ DECLARE_BIGNUM(e); ++ ++ if (key_type != CKK_RSA) ++ abort(); ++ ++ ret = get_bignums(key, &n, &e); ++ if (ret != CKR_OK) ++ goto done; ++ ++ modulus_bits = BN_num_bits(n); ++ modulus_len = BN_num_bytes(n); ++ exponent_len = BN_num_bytes(e); ++ ++ modulus = malloc(modulus_len); ++ exponent = malloc(exponent_len); ++ if (modulus == NULL || exponent == NULL) { ++ ret = CKR_DEVICE_MEMORY; ++ goto done; ++ } ++ ++ BN_bn2bin(n, modulus); ++ BN_bn2bin(e, exponent); ++ ++ add_object_attribute(o, 0, CKA_MODULUS, modulus, modulus_len); ++ add_object_attribute(o, 0, CKA_MODULUS_BITS, &modulus_bits, ++ sizeof(modulus_bits)); ++ add_object_attribute(o, 0, CKA_PUBLIC_EXPONENT, exponent, exponent_len); ++ ++ ret = CKR_OK; ++done: ++ free(modulus); ++ free(exponent); ++ RELEASE_BIGNUM(n); ++ RELEASE_BIGNUM(e); ++ return ret; ++} + + static int + pem_callback(char *buf, int num, int w, void *key) diff --git a/SOURCES/Support-host-based-GSS-initiator-names.patch b/SOURCES/Support-host-based-GSS-initiator-names.patch new file mode 100644 index 0000000..4a224d0 --- /dev/null +++ b/SOURCES/Support-host-based-GSS-initiator-names.patch @@ -0,0 +1,578 @@ +From e33835c4b6c6ce71757e9f659db03afa4bfd9a9a Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Fri, 15 Jan 2021 13:51:34 -0500 +Subject: [PATCH] Support host-based GSS initiator names + +When checking if we can get initial credentials in the GSS krb5 mech, +use krb5_kt_have_match() to support fallback iteration. When scanning +the ccache or getting initial credentials, rewrite cred->name->princ +to the canonical client name. When a name check is necessary (such as +when the caller specifies both a name and ccache), use a new internal +API k5_sname_compare() to support fallback iteration. Add fallback +iteration to krb5_cc_cache_match() to allow host-based names to be +canonicalized against the cache collection. + +Create and store the matching principal for acceptor names in +acquire_accept_cred() so that it isn't affected by changes in +cred->name->princ during acquire_init_cred(). + +ticket: 8978 (new) +(cherry picked from commit c374ab40dd059a5938ffc0440d87457ac5da3a46) +--- + src/include/k5-int.h | 9 +++ + src/include/k5-trace.h | 3 + + src/lib/gssapi/krb5/accept_sec_context.c | 15 +--- + src/lib/gssapi/krb5/acquire_cred.c | 89 ++++++++++++++---------- + src/lib/gssapi/krb5/gssapiP_krb5.h | 1 + + src/lib/gssapi/krb5/rel_cred.c | 1 + + src/lib/krb5/ccache/cccursor.c | 57 +++++++++++---- + src/lib/krb5/libkrb5.exports | 1 + + src/lib/krb5/os/sn2princ.c | 23 +++++- + src/lib/krb5_32.def | 1 + + src/tests/gssapi/t_client_keytab.py | 44 ++++++++++++ + src/tests/gssapi/t_credstore.py | 32 +++++++++ + 12 files changed, 214 insertions(+), 62 deletions(-) + +diff --git a/src/include/k5-int.h b/src/include/k5-int.h +index efb523689..46f2ce2d3 100644 +--- a/src/include/k5-int.h ++++ b/src/include/k5-int.h +@@ -2411,4 +2411,13 @@ void k5_change_error_message_code(krb5_context ctx, krb5_error_code oldcode, + #define k5_prependmsg krb5_prepend_error_message + #define k5_wrapmsg krb5_wrap_error_message + ++/* ++ * Like krb5_principal_compare(), but with canonicalization of sname if ++ * fallback is enabled. This function should be avoided if multiple matches ++ * are required, since repeated canonicalization is inefficient. ++ */ ++krb5_boolean ++k5_sname_compare(krb5_context context, krb5_const_principal sname, ++ krb5_const_principal princ); ++ + #endif /* _KRB5_INT_H */ +diff --git a/src/include/k5-trace.h b/src/include/k5-trace.h +index b3e039dc8..79b5a7a85 100644 +--- a/src/include/k5-trace.h ++++ b/src/include/k5-trace.h +@@ -105,6 +105,9 @@ void krb5int_trace(krb5_context context, const char *fmt, ...); + + #endif /* DISABLE_TRACING */ + ++#define TRACE_CC_CACHE_MATCH(c, princ, ret) \ ++ TRACE(c, "Matching {princ} in collection with result: {kerr}", \ ++ princ, ret) + #define TRACE_CC_DESTROY(c, cache) \ + TRACE(c, "Destroying ccache {ccache}", cache) + #define TRACE_CC_GEN_NEW(c, cache) \ +diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c +index fcf2c2152..a1d7e0d96 100644 +--- a/src/lib/gssapi/krb5/accept_sec_context.c ++++ b/src/lib/gssapi/krb5/accept_sec_context.c +@@ -683,7 +683,6 @@ kg_accept_krb5(minor_status, context_handle, + krb5_flags ap_req_options = 0; + krb5_enctype negotiated_etype; + krb5_authdata_context ad_context = NULL; +- krb5_principal accprinc = NULL; + krb5_ap_req *request = NULL; + + code = krb5int_accessor (&kaccess, KRB5INT_ACCESS_VERSION); +@@ -849,17 +848,9 @@ kg_accept_krb5(minor_status, context_handle, + } + } + +- if (!cred->default_identity) { +- if ((code = kg_acceptor_princ(context, cred->name, &accprinc))) { +- major_status = GSS_S_FAILURE; +- goto fail; +- } +- } +- +- code = krb5_rd_req_decoded(context, &auth_context, request, accprinc, +- cred->keytab, &ap_req_options, NULL); +- +- krb5_free_principal(context, accprinc); ++ code = krb5_rd_req_decoded(context, &auth_context, request, ++ cred->acceptor_mprinc, cred->keytab, ++ &ap_req_options, NULL); + if (code) { + major_status = GSS_S_FAILURE; + goto fail; +diff --git a/src/lib/gssapi/krb5/acquire_cred.c b/src/lib/gssapi/krb5/acquire_cred.c +index 632ee7def..e226a0269 100644 +--- a/src/lib/gssapi/krb5/acquire_cred.c ++++ b/src/lib/gssapi/krb5/acquire_cred.c +@@ -123,11 +123,11 @@ gss_krb5int_register_acceptor_identity(OM_uint32 *minor_status, + /* Try to verify that keytab contains at least one entry for name. Return 0 if + * it does, KRB5_KT_NOTFOUND if it doesn't, or another error as appropriate. */ + static krb5_error_code +-check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name) ++check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name, ++ krb5_principal mprinc) + { + krb5_error_code code; + krb5_keytab_entry ent; +- krb5_principal accprinc = NULL; + char *princname; + + if (name->service == NULL) { +@@ -141,21 +141,15 @@ check_keytab(krb5_context context, krb5_keytab kt, krb5_gss_name_t name) + if (kt->ops->start_seq_get == NULL) + return 0; + +- /* Get the partial principal for the acceptor name. */ +- code = kg_acceptor_princ(context, name, &accprinc); +- if (code) +- return code; +- +- /* Scan the keytab for host-based entries matching accprinc. */ +- code = k5_kt_have_match(context, kt, accprinc); ++ /* Scan the keytab for host-based entries matching mprinc. */ ++ code = k5_kt_have_match(context, kt, mprinc); + if (code == KRB5_KT_NOTFOUND) { +- if (krb5_unparse_name(context, accprinc, &princname) == 0) { ++ if (krb5_unparse_name(context, mprinc, &princname) == 0) { + k5_setmsg(context, code, _("No key table entry found matching %s"), + princname); + free(princname); + } + } +- krb5_free_principal(context, accprinc); + return code; + } + +@@ -202,8 +196,14 @@ acquire_accept_cred(krb5_context context, OM_uint32 *minor_status, + } + + if (cred->name != NULL) { ++ code = kg_acceptor_princ(context, cred->name, &cred->acceptor_mprinc); ++ if (code) { ++ major = GSS_S_FAILURE; ++ goto cleanup; ++ } ++ + /* Make sure we have keys matching the desired name in the keytab. */ +- code = check_keytab(context, kt, cred->name); ++ code = check_keytab(context, kt, cred->name, cred->acceptor_mprinc); + if (code) { + if (code == KRB5_KT_NOTFOUND) { + k5_change_error_message_code(context, code, KG_KEYTAB_NOMATCH); +@@ -324,7 +324,6 @@ static krb5_boolean + can_get_initial_creds(krb5_context context, krb5_gss_cred_id_rec *cred) + { + krb5_error_code code; +- krb5_keytab_entry entry; + + if (cred->password != NULL) + return TRUE; +@@ -336,20 +335,21 @@ can_get_initial_creds(krb5_context context, krb5_gss_cred_id_rec *cred) + if (cred->name == NULL) + return !krb5_kt_have_content(context, cred->client_keytab); + +- /* Check if we have a keytab key for the client principal. */ +- code = krb5_kt_get_entry(context, cred->client_keytab, cred->name->princ, +- 0, 0, &entry); +- if (code) { +- krb5_clear_error_message(context); +- return FALSE; +- } +- krb5_free_keytab_entry_contents(context, &entry); +- return TRUE; ++ /* ++ * Check if we have a keytab key for the client principal. This is a bit ++ * more permissive than we really want because krb5_kt_have_match() ++ * supports wildcarding and obeys ignore_acceptor_hostname, but that should ++ * generally be harmless. ++ */ ++ code = k5_kt_have_match(context, cred->client_keytab, cred->name->princ); ++ return code == 0; + } + +-/* Scan cred->ccache for name, expiry time, impersonator, refresh time. */ ++/* Scan cred->ccache for name, expiry time, impersonator, refresh time. If ++ * check_name is true, verify the cache name against the credential name. */ + static krb5_error_code +-scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred) ++scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred, ++ krb5_boolean check_name) + { + krb5_error_code code; + krb5_ccache ccache = cred->ccache; +@@ -365,23 +365,31 @@ scan_ccache(krb5_context context, krb5_gss_cred_id_rec *cred) + if (code) + return code; + +- /* Credentials cache principal must match the initiator name. */ + code = krb5_cc_get_principal(context, ccache, &ccache_princ); + if (code != 0) + goto cleanup; +- if (cred->name != NULL && +- !krb5_principal_compare(context, ccache_princ, cred->name->princ)) { +- code = KG_CCACHE_NOMATCH; +- goto cleanup; +- } + +- /* Save the ccache principal as the credential name if not already set. */ +- if (!cred->name) { ++ if (cred->name == NULL) { ++ /* Save the ccache principal as the credential name. */ + code = kg_init_name(context, ccache_princ, NULL, NULL, NULL, + KG_INIT_NAME_NO_COPY, &cred->name); + if (code) + goto cleanup; + ccache_princ = NULL; ++ } else { ++ /* Check against the desired name if needed. */ ++ if (check_name) { ++ if (!k5_sname_compare(context, cred->name->princ, ccache_princ)) { ++ code = KG_CCACHE_NOMATCH; ++ goto cleanup; ++ } ++ } ++ ++ /* Replace the credential name principal with the canonical client ++ * principal, retaining acceptor_mprinc if set. */ ++ krb5_free_principal(context, cred->name->princ); ++ cred->name->princ = ccache_princ; ++ ccache_princ = NULL; + } + + assert(cred->name->princ != NULL); +@@ -447,7 +455,7 @@ get_cache_for_name(krb5_context context, krb5_gss_cred_id_rec *cred) + assert(cred->name != NULL && cred->ccache == NULL); + #ifdef USE_LEASH + code = get_ccache_leash(context, cred->name->princ, &cred->ccache); +- return code ? code : scan_ccache(context, cred); ++ return code ? code : scan_ccache(context, cred, TRUE); + #else + /* Check first whether we can acquire tickets, to avoid overwriting the + * extended error message from krb5_cc_cache_match. */ +@@ -456,7 +464,7 @@ get_cache_for_name(krb5_context context, krb5_gss_cred_id_rec *cred) + /* Look for an existing cache for the client principal. */ + code = krb5_cc_cache_match(context, cred->name->princ, &cred->ccache); + if (code == 0) +- return scan_ccache(context, cred); ++ return scan_ccache(context, cred, FALSE); + if (code != KRB5_CC_NOTFOUND || !can_get) + return code; + krb5_clear_error_message(context); +@@ -633,6 +641,13 @@ get_initial_cred(krb5_context context, const struct verify_params *verify, + kg_cred_set_initial_refresh(context, cred, &creds.times); + cred->have_tgt = TRUE; + cred->expire = creds.times.endtime; ++ ++ /* Steal the canonical client principal name from creds and save it in the ++ * credential name, retaining acceptor_mprinc if set. */ ++ krb5_free_principal(context, cred->name->princ); ++ cred->name->princ = creds.client; ++ creds.client = NULL; ++ + krb5_free_cred_contents(context, &creds); + cleanup: + krb5_get_init_creds_opt_free(context, opt); +@@ -721,7 +736,7 @@ acquire_init_cred(krb5_context context, OM_uint32 *minor_status, + + if (cred->ccache != NULL) { + /* The caller specified a ccache; check what's in it. */ +- code = scan_ccache(context, cred); ++ code = scan_ccache(context, cred, TRUE); + if (code == KRB5_FCC_NOFILE) { + /* See if we can get initial creds. If the caller didn't specify + * a name, pick one from the client keytab. */ +@@ -984,7 +999,7 @@ kg_cred_resolve(OM_uint32 *minor_status, krb5_context context, + } + } + if (cred->ccache != NULL) { +- code = scan_ccache(context, cred); ++ code = scan_ccache(context, cred, FALSE); + if (code) + goto kerr; + } +@@ -996,7 +1011,7 @@ kg_cred_resolve(OM_uint32 *minor_status, krb5_context context, + code = krb5int_cc_default(context, &cred->ccache); + if (code) + goto kerr; +- code = scan_ccache(context, cred); ++ code = scan_ccache(context, cred, FALSE); + if (code == KRB5_FCC_NOFILE) { + /* Default ccache doesn't exist; fall through to client keytab. */ + krb5_cc_close(context, cred->ccache); +diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h +index 3bacdcd35..fd7abbd77 100644 +--- a/src/lib/gssapi/krb5/gssapiP_krb5.h ++++ b/src/lib/gssapi/krb5/gssapiP_krb5.h +@@ -175,6 +175,7 @@ typedef struct _krb5_gss_cred_id_rec { + /* name/type of credential */ + gss_cred_usage_t usage; + krb5_gss_name_t name; ++ krb5_principal acceptor_mprinc; + krb5_principal impersonator; + unsigned int default_identity : 1; + unsigned int iakerb_mech : 1; +diff --git a/src/lib/gssapi/krb5/rel_cred.c b/src/lib/gssapi/krb5/rel_cred.c +index a9515daf7..0da6c1b95 100644 +--- a/src/lib/gssapi/krb5/rel_cred.c ++++ b/src/lib/gssapi/krb5/rel_cred.c +@@ -72,6 +72,7 @@ krb5_gss_release_cred(minor_status, cred_handle) + if (cred->name) + kg_release_name(context, &cred->name); + ++ krb5_free_principal(context, cred->acceptor_mprinc); + krb5_free_principal(context, cred->impersonator); + + if (cred->req_enctypes) +diff --git a/src/lib/krb5/ccache/cccursor.c b/src/lib/krb5/ccache/cccursor.c +index 8f5872116..760216d05 100644 +--- a/src/lib/krb5/ccache/cccursor.c ++++ b/src/lib/krb5/ccache/cccursor.c +@@ -30,6 +30,7 @@ + + #include "cc-int.h" + #include "../krb/int-proto.h" ++#include "../os/os-proto.h" + + #include + +@@ -141,18 +142,18 @@ krb5_cccol_cursor_free(krb5_context context, + return 0; + } + +-krb5_error_code KRB5_CALLCONV +-krb5_cc_cache_match(krb5_context context, krb5_principal client, +- krb5_ccache *cache_out) ++static krb5_error_code ++match_caches(krb5_context context, krb5_const_principal client, ++ krb5_ccache *cache_out) + { + krb5_error_code ret; + krb5_cccol_cursor cursor; + krb5_ccache cache = NULL; + krb5_principal princ; +- char *name; + krb5_boolean eq; + + *cache_out = NULL; ++ + ret = krb5_cccol_cursor_new(context, &cursor); + if (ret) + return ret; +@@ -169,20 +170,52 @@ krb5_cc_cache_match(krb5_context context, krb5_principal client, + krb5_cc_close(context, cache); + } + krb5_cccol_cursor_free(context, &cursor); ++ + if (ret) + return ret; +- if (cache == NULL) { +- ret = krb5_unparse_name(context, client, &name); +- if (ret == 0) { +- k5_setmsg(context, KRB5_CC_NOTFOUND, ++ if (cache == NULL) ++ return KRB5_CC_NOTFOUND; ++ ++ *cache_out = cache; ++ return 0; ++} ++ ++krb5_error_code KRB5_CALLCONV ++krb5_cc_cache_match(krb5_context context, krb5_principal client, ++ krb5_ccache *cache_out) ++{ ++ krb5_error_code ret; ++ struct canonprinc iter = { client, .subst_defrealm = TRUE }; ++ krb5_const_principal canonprinc = NULL; ++ krb5_ccache cache = NULL; ++ char *name; ++ ++ *cache_out = NULL; ++ ++ while ((ret = k5_canonprinc(context, &iter, &canonprinc)) == 0 && ++ canonprinc != NULL) { ++ ret = match_caches(context, canonprinc, &cache); ++ if (ret != KRB5_CC_NOTFOUND) ++ break; ++ } ++ free_canonprinc(&iter); ++ ++ if (ret == 0 && canonprinc == NULL) { ++ ret = KRB5_CC_NOTFOUND; ++ if (krb5_unparse_name(context, client, &name) == 0) { ++ k5_setmsg(context, ret, + _("Can't find client principal %s in cache collection"), + name); + krb5_free_unparsed_name(context, name); + } +- ret = KRB5_CC_NOTFOUND; +- } else +- *cache_out = cache; +- return ret; ++ } ++ ++ TRACE_CC_CACHE_MATCH(context, client, ret); ++ if (ret) ++ return ret; ++ ++ *cache_out = cache; ++ return 0; + } + + /* Store the error state for code from context into errsave, but only if code +diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports +index adbfa332b..df6e2ffbe 100644 +--- a/src/lib/krb5/libkrb5.exports ++++ b/src/lib/krb5/libkrb5.exports +@@ -181,6 +181,7 @@ k5_size_authdata_context + k5_size_context + k5_size_keyblock + k5_size_principal ++k5_sname_compare + k5_unmarshal_cred + k5_unmarshal_princ + k5_unwrap_cammac_svc +diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c +index 8b7214189..c99b7da17 100644 +--- a/src/lib/krb5/os/sn2princ.c ++++ b/src/lib/krb5/os/sn2princ.c +@@ -277,7 +277,8 @@ k5_canonprinc(krb5_context context, struct canonprinc *iter, + + /* If we're not doing fallback, the input principal is canonical. */ + if (context->dns_canonicalize_hostname != CANONHOST_FALLBACK || +- iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2) { ++ iter->princ->type != KRB5_NT_SRV_HST || iter->princ->length != 2 || ++ iter->princ->data[1].length == 0) { + *princ_out = (step == 1) ? iter->princ : NULL; + return 0; + } +@@ -288,6 +289,26 @@ k5_canonprinc(krb5_context context, struct canonprinc *iter, + return canonicalize_princ(context, iter, step == 2, princ_out); + } + ++krb5_boolean ++k5_sname_compare(krb5_context context, krb5_const_principal sname, ++ krb5_const_principal princ) ++{ ++ krb5_error_code ret; ++ struct canonprinc iter = { sname, .subst_defrealm = TRUE }; ++ krb5_const_principal canonprinc = NULL; ++ krb5_boolean match = FALSE; ++ ++ while ((ret = k5_canonprinc(context, &iter, &canonprinc)) == 0 && ++ canonprinc != NULL) { ++ if (krb5_principal_compare(context, canonprinc, princ)) { ++ match = TRUE; ++ break; ++ } ++ } ++ free_canonprinc(&iter); ++ return match; ++} ++ + krb5_error_code KRB5_CALLCONV + krb5_sname_to_principal(krb5_context context, const char *hostname, + const char *sname, krb5_int32 type, +diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def +index 60b8dd311..cf690dbe4 100644 +--- a/src/lib/krb5_32.def ++++ b/src/lib/krb5_32.def +@@ -507,3 +507,4 @@ EXPORTS + ; new in 1.20 + krb5_marshal_credentials @472 + krb5_unmarshal_credentials @473 ++ k5_sname_compare @474 ; PRIVATE GSSAPI +diff --git a/src/tests/gssapi/t_client_keytab.py b/src/tests/gssapi/t_client_keytab.py +index 7847b3ecd..9a61d53b8 100755 +--- a/src/tests/gssapi/t_client_keytab.py ++++ b/src/tests/gssapi/t_client_keytab.py +@@ -141,5 +141,49 @@ msgs = ('Getting initial credentials for user/admin@KRBTEST.COM', + '/Matching credential not found') + realm.run(['./t_ccselect', phost], expected_code=1, + expected_msg='Ticket expired', expected_trace=msgs) ++realm.run([kdestroy, '-A']) ++ ++# Test 19: host-based initiator name ++mark('host-based initiator name') ++hsvc = 'h:svc@' + hostname ++svcprinc = 'svc/%s@%s' % (hostname, realm.realm) ++realm.addprinc(svcprinc) ++realm.extract_keytab(svcprinc, realm.client_keytab) ++# On the first run we match against the keytab while getting tickets, ++# substituting the default realm. ++msgs = ('/Can\'t find client principal svc/%s@ in' % hostname, ++ 'Getting initial credentials for svc/%s@' % hostname, ++ 'Found entries for %s in keytab' % svcprinc, ++ 'Retrieving %s from FILE:%s' % (svcprinc, realm.client_keytab), ++ 'Storing %s -> %s in' % (svcprinc, realm.krbtgt_princ), ++ 'Retrieving %s -> %s from' % (svcprinc, realm.krbtgt_princ), ++ 'authenticator for %s -> %s' % (svcprinc, realm.host_princ)) ++realm.run(['./t_ccselect', phost, hsvc], expected_trace=msgs) ++# On the second run we match against the collection. ++msgs = ('Matching svc/%s@ in collection with result: 0' % hostname, ++ 'Getting credentials %s -> %s' % (svcprinc, realm.host_princ), ++ 'authenticator for %s -> %s' % (svcprinc, realm.host_princ)) ++realm.run(['./t_ccselect', phost, hsvc], expected_trace=msgs) ++realm.run([kdestroy, '-A']) ++ ++# Test 20: host-based initiator name with fallback ++mark('host-based fallback initiator name') ++canonname = canonicalize_hostname(hostname) ++if canonname != hostname: ++ hfsvc = 'h:fsvc@' + hostname ++ canonprinc = 'fsvc/%s@%s' % (canonname, realm.realm) ++ realm.addprinc(canonprinc) ++ realm.extract_keytab(canonprinc, realm.client_keytab) ++ msgs = ('/Can\'t find client principal fsvc/%s@ in' % hostname, ++ 'Found entries for %s in keytab' % canonprinc, ++ 'authenticator for %s -> %s' % (canonprinc, realm.host_princ)) ++ realm.run(['./t_ccselect', phost, hfsvc], expected_trace=msgs) ++ msgs = ('Matching fsvc/%s@ in collection with result: 0' % hostname, ++ 'Getting credentials %s -> %s' % (canonprinc, realm.host_princ)) ++ realm.run(['./t_ccselect', phost, hfsvc], expected_trace=msgs) ++ realm.run([kdestroy, '-A']) ++else: ++ skipped('GSS initiator name fallback test', ++ '%s does not canonicalize to a different name' % hostname) + + success('Client keytab tests') +diff --git a/src/tests/gssapi/t_credstore.py b/src/tests/gssapi/t_credstore.py +index c11975bf5..9be57bb82 100644 +--- a/src/tests/gssapi/t_credstore.py ++++ b/src/tests/gssapi/t_credstore.py +@@ -15,6 +15,38 @@ msgs = ('Storing %s -> %s in %s' % (service_cs, realm.krbtgt_princ, + realm.run(['./t_credstore', '-s', 'p:' + service_cs, 'ccache', storagecache, + 'keytab', servicekeytab], expected_trace=msgs) + ++mark('matching') ++scc = 'FILE:' + os.path.join(realm.testdir, 'service_cache') ++realm.kinit(realm.host_princ, flags=['-k', '-c', scc]) ++realm.run(['./t_credstore', '-i', 'p:' + realm.host_princ, 'ccache', scc]) ++realm.run(['./t_credstore', '-i', 'h:host', 'ccache', scc]) ++realm.run(['./t_credstore', '-i', 'h:host@' + hostname, 'ccache', scc]) ++realm.run(['./t_credstore', '-i', 'p:wrong', 'ccache', scc], ++ expected_code=1, expected_msg='does not match desired name') ++realm.run(['./t_credstore', '-i', 'h:host@-nomatch-', 'ccache', scc], ++ expected_code=1, expected_msg='does not match desired name') ++realm.run(['./t_credstore', '-i', 'h:svc', 'ccache', scc], ++ expected_code=1, expected_msg='does not match desired name') ++ ++mark('matching (fallback)') ++canonname = canonicalize_hostname(hostname) ++if canonname != hostname: ++ canonprinc = 'host/%s@%s' % (canonname, realm.realm) ++ realm.addprinc(canonprinc) ++ realm.extract_keytab(canonprinc, realm.keytab) ++ realm.kinit(canonprinc, flags=['-k', '-c', scc]) ++ realm.run(['./t_credstore', '-i', 'h:host', 'ccache', scc]) ++ realm.run(['./t_credstore', '-i', 'h:host@' + hostname, 'ccache', scc]) ++ realm.run(['./t_credstore', '-i', 'h:host@' + canonname, 'ccache', scc]) ++ realm.run(['./t_credstore', '-i', 'p:' + canonprinc, 'ccache', scc]) ++ realm.run(['./t_credstore', '-i', 'p:' + realm.host_princ, 'ccache', scc], ++ expected_code=1, expected_msg='does not match desired name') ++ realm.run(['./t_credstore', '-i', 'h:host@-nomatch-', 'ccache', scc], ++ expected_code=1, expected_msg='does not match desired name') ++else: ++ skipped('fallback matching test', ++ '%s does not canonicalize to a different name' % hostname) ++ + mark('rcache') + # t_credstore -r should produce a replay error normally, but not with + # rcache set to "none:". diff --git a/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch b/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch new file mode 100644 index 0000000..4884d1f --- /dev/null +++ b/SOURCES/Use-KCM_OP_RETRIEVE-in-KCM-client.patch @@ -0,0 +1,236 @@ +From 43e3bca2a711de257091454bc5e25a985340d847 Mon Sep 17 00:00:00 2001 +From: Greg Hudson +Date: Fri, 26 Mar 2021 23:38:54 -0400 +Subject: [PATCH] Use KCM_OP_RETRIEVE in KCM client + +In kcm_retrieve(), try KCM_OP_RETRIEVE. Fall back to iteration if the +server doesn't implement it, or if we can an answer incompatible with +KRB5_TC_SUPPORTED_KTYPES. + +In kcmserver.py, implement partial decoding for creds and cred tags so +that we can do a basic principal name match. + +ticket: 8997 (new) +(cherry picked from commit 795ebba8c039be172ab93cd41105c73ffdba0fdb) +(cherry picked from commit c56d4b87de0f30a38dc61d374ad225d02d581eb3) +--- + src/include/kcm.h | 2 +- + src/lib/krb5/ccache/cc_kcm.c | 52 +++++++++++++++++++++++++++++++++--- + src/tests/kcmserver.py | 44 +++++++++++++++++++++++++++--- + src/tests/t_ccache.py | 11 +++++--- + 4 files changed, 99 insertions(+), 10 deletions(-) + +diff --git a/src/include/kcm.h b/src/include/kcm.h +index 9b66f1cbd..85c20d345 100644 +--- a/src/include/kcm.h ++++ b/src/include/kcm.h +@@ -87,7 +87,7 @@ typedef enum kcm_opcode { + KCM_OP_INITIALIZE, /* (name, princ) -> () */ + KCM_OP_DESTROY, /* (name) -> () */ + KCM_OP_STORE, /* (name, cred) -> () */ +- KCM_OP_RETRIEVE, ++ KCM_OP_RETRIEVE, /* (name, flags, credtag) -> (cred) */ + KCM_OP_GET_PRINCIPAL, /* (name) -> (princ) */ + KCM_OP_GET_CRED_UUID_LIST, /* (name) -> (uuid, ...) */ + KCM_OP_GET_CRED_BY_UUID, /* (name, uuid) -> (cred) */ +diff --git a/src/lib/krb5/ccache/cc_kcm.c b/src/lib/krb5/ccache/cc_kcm.c +index 46705f1da..23fcf13ea 100644 +--- a/src/lib/krb5/ccache/cc_kcm.c ++++ b/src/lib/krb5/ccache/cc_kcm.c +@@ -826,9 +826,55 @@ static krb5_error_code KRB5_CALLCONV + kcm_retrieve(krb5_context context, krb5_ccache cache, krb5_flags flags, + krb5_creds *mcred, krb5_creds *cred_out) + { +- /* There is a KCM opcode for retrieving creds, but Heimdal's client doesn't +- * use it. It causes the KCM daemon to actually make a TGS request. */ +- return k5_cc_retrieve_cred_default(context, cache, flags, mcred, cred_out); ++ krb5_error_code ret; ++ struct kcmreq req = EMPTY_KCMREQ; ++ krb5_creds cred; ++ krb5_enctype *enctypes = NULL; ++ ++ memset(&cred, 0, sizeof(cred)); ++ ++ /* Include KCM_GC_CACHED in flags to prevent Heimdal's sssd from making a ++ * TGS request itself. */ ++ kcmreq_init(&req, KCM_OP_RETRIEVE, cache); ++ k5_buf_add_uint32_be(&req.reqbuf, map_tcflags(flags) | KCM_GC_CACHED); ++ k5_marshal_mcred(&req.reqbuf, mcred); ++ ret = cache_call(context, cache, &req); ++ ++ /* Fall back to iteration if the server does not support retrieval. */ ++ if (ret == KRB5_FCC_INTERNAL || ret == KRB5_CC_IO) { ++ ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred, ++ cred_out); ++ goto cleanup; ++ } ++ if (ret) ++ goto cleanup; ++ ++ ret = k5_unmarshal_cred(req.reply.ptr, req.reply.len, 4, &cred); ++ if (ret) ++ goto cleanup; ++ ++ /* In rare cases we might retrieve a credential with a session key this ++ * context can't support, in which case we must retry using iteration. */ ++ if (flags & KRB5_TC_SUPPORTED_KTYPES) { ++ ret = krb5_get_tgs_ktypes(context, cred.server, &enctypes); ++ if (ret) ++ goto cleanup; ++ if (!k5_etypes_contains(enctypes, cred.keyblock.enctype)) { ++ ret = k5_cc_retrieve_cred_default(context, cache, flags, mcred, ++ cred_out); ++ goto cleanup; ++ } ++ } ++ ++ *cred_out = cred; ++ memset(&cred, 0, sizeof(cred)); ++ ++cleanup: ++ kcmreq_free(&req); ++ krb5_free_cred_contents(context, &cred); ++ free(enctypes); ++ /* Heimdal's KCM returns KRB5_CC_END if no cred is found. */ ++ return (ret == KRB5_CC_END) ? KRB5_CC_NOTFOUND : map_invalid(ret); + } + + static krb5_error_code KRB5_CALLCONV +diff --git a/src/tests/kcmserver.py b/src/tests/kcmserver.py +index 8c5e66ff1..25e6f2bbe 100644 +--- a/src/tests/kcmserver.py ++++ b/src/tests/kcmserver.py +@@ -40,6 +40,7 @@ class KCMOpcodes(object): + INITIALIZE = 4 + DESTROY = 5 + STORE = 6 ++ RETRIEVE = 7 + GET_PRINCIPAL = 8 + GET_CRED_UUID_LIST = 9 + GET_CRED_BY_UUID = 10 +@@ -54,6 +55,7 @@ class KCMOpcodes(object): + + + class KRB5Errors(object): ++ KRB5_CC_NOTFOUND = -1765328243 + KRB5_CC_END = -1765328242 + KRB5_CC_NOSUPP = -1765328137 + KRB5_FCC_NOFILE = -1765328189 +@@ -86,11 +88,29 @@ def get_cache(name): + return cache + + ++def unpack_data(argbytes): ++ dlen, = struct.unpack('>L', argbytes[:4]) ++ return argbytes[4:dlen+4], argbytes[dlen+4:] ++ ++ + def unmarshal_name(argbytes): + offset = argbytes.find(b'\0') + return argbytes[0:offset], argbytes[offset+1:] + + ++def unmarshal_princ(argbytes): ++ # Ignore the type at argbytes[0:4]. ++ ncomps, = struct.unpack('>L', argbytes[4:8]) ++ realm, rest = unpack_data(argbytes[8:]) ++ comps = [] ++ for i in range(ncomps): ++ comp, rest = unpack_data(rest) ++ comps.append(comp) ++ # Asssume no quoting is needed. ++ princ = b'/'.join(comps) + b'@' + realm ++ return princ, rest ++ ++ + def op_gen_new(argbytes): + # Does not actually check for uniqueness. + global next_unique +@@ -126,6 +146,22 @@ def op_store(argbytes): + return 0, b'' + + ++def op_retrieve(argbytes): ++ name, rest = unmarshal_name(argbytes) ++ # Ignore the flags at rest[0:4] and the header at rest[4:8]. ++ # Assume there are client and server creds in the tag and match ++ # only against them. ++ cprinc, rest = unmarshal_princ(rest[8:]) ++ sprinc, rest = unmarshal_princ(rest) ++ cache = get_cache(name) ++ for cred in (cache.creds[u] for u in cache.cred_uuids): ++ cred_cprinc, rest = unmarshal_princ(cred) ++ cred_sprinc, rest = unmarshal_princ(rest) ++ if cred_cprinc == cprinc and cred_sprinc == sprinc: ++ return 0, cred ++ return KRB5Errors.KRB5_CC_NOTFOUND, b'' ++ ++ + def op_get_principal(argbytes): + name, rest = unmarshal_name(argbytes) + cache = get_cache(name) +@@ -199,6 +235,7 @@ ophandlers = { + KCMOpcodes.INITIALIZE : op_initialize, + KCMOpcodes.DESTROY : op_destroy, + KCMOpcodes.STORE : op_store, ++ KCMOpcodes.RETRIEVE : op_retrieve, + KCMOpcodes.GET_PRINCIPAL : op_get_principal, + KCMOpcodes.GET_CRED_UUID_LIST : op_get_cred_uuid_list, + KCMOpcodes.GET_CRED_BY_UUID : op_get_cred_by_uuid, +@@ -243,10 +280,11 @@ def service_request(s): + return True + + parser = optparse.OptionParser() +-parser.add_option('-c', '--credlist', action='store_true', dest='credlist', +- default=False, help='Support KCM_OP_GET_CRED_LIST') ++parser.add_option('-f', '--fallback', action='store_true', dest='fallback', ++ default=False, help='Do not support RETRIEVE/GET_CRED_LIST') + (options, args) = parser.parse_args() +-if not options.credlist: ++if options.fallback: ++ del ophandlers[KCMOpcodes.RETRIEVE] + del ophandlers[KCMOpcodes.GET_CRED_LIST] + + server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) +diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py +index 90040fb7b..6ea9fb969 100755 +--- a/src/tests/t_ccache.py ++++ b/src/tests/t_ccache.py +@@ -25,7 +25,7 @@ from k5test import * + kcm_socket_path = os.path.join(os.getcwd(), 'testdir', 'kcm') + conf = {'libdefaults': {'kcm_socket': kcm_socket_path, + 'kcm_mach_service': '-'}} +-realm = K5Realm(create_host=False, krb5_conf=conf) ++realm = K5Realm(krb5_conf=conf) + + keyctl = which('keyctl') + out = realm.run([klist, '-c', 'KEYRING:process:abcd'], expected_code=1) +@@ -71,6 +71,11 @@ def collection_test(realm, ccname): + realm.kinit('alice', password('alice')) + realm.run([klist], expected_msg='Default principal: alice@') + realm.run([klist, '-A', '-s']) ++ realm.run([kvno, realm.host_princ], expected_msg = 'kvno = 1') ++ realm.run([kvno, realm.host_princ], expected_msg = 'kvno = 1') ++ out = realm.run([klist]) ++ if out.count(realm.host_princ) != 1: ++ fail('Wrong number of service tickets in cache') + realm.run([kdestroy]) + output = realm.run([klist], expected_code=1) + if 'No credentials cache' not in output and 'not found' not in output: +@@ -126,14 +131,14 @@ def collection_test(realm, ccname): + + collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc')) + +-# Test KCM without and with GET_CRED_LIST support. ++# Test KCM with and without RETRIEVE and GET_CRED_LIST support. + kcmserver_path = os.path.join(srctop, 'tests', 'kcmserver.py') + kcmd = realm.start_server([sys.executable, kcmserver_path, kcm_socket_path], + 'starting...') + collection_test(realm, 'KCM:') + stop_daemon(kcmd) + os.remove(kcm_socket_path) +-realm.start_server([sys.executable, kcmserver_path, '-c', kcm_socket_path], ++realm.start_server([sys.executable, kcmserver_path, '-f', kcm_socket_path], + 'starting...') + collection_test(realm, 'KCM:') + diff --git a/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch b/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch new file mode 100644 index 0000000..927b506 --- /dev/null +++ b/SOURCES/Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch @@ -0,0 +1,482 @@ +From 21e3b9a4463f1d1aeb71de8a27c298f1307d186b Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 4 Oct 2019 14:49:29 -0400 +Subject: [PATCH] Use OpenSSL's KBKDF and KRB5KDF for deriving long-term keys + +If supported, use OpenSSL-provided KBKDF (aes-sha2 and camellia) and +KRB5KDF (3des and aes-sha1). We already use OpenSSL's PBKDF2 where +appropriate. OpenSSL added support for these KDFs in 3.0. + +(cherry picked from commit ef8d11f6fb1232201c9efd2ae2ed567023fb85d2) +[rharwood@redhat.com: 3des removal] +--- + src/lib/crypto/krb/derive.c | 409 ++++++++++++++++++++++++++++-------- + 1 file changed, 324 insertions(+), 85 deletions(-) + +diff --git a/src/lib/crypto/krb/derive.c b/src/lib/crypto/krb/derive.c +index 6707a7308..8e474b38e 100644 +--- a/src/lib/crypto/krb/derive.c ++++ b/src/lib/crypto/krb/derive.c +@@ -27,6 +27,12 @@ + + #include "crypto_int.h" + ++#ifdef HAVE_EVP_KDF_FETCH ++#include ++#include ++#include ++#endif ++ + static krb5_key + find_cached_dkey(struct derived_key *list, const krb5_data *constant) + { +@@ -77,55 +83,251 @@ cleanup: + return ENOMEM; + } + ++#ifdef HAVE_EVP_KDF_FETCH + static krb5_error_code +-derive_random_rfc3961(const struct krb5_enc_provider *enc, +- krb5_key inkey, krb5_data *outrnd, +- const krb5_data *in_constant) ++openssl_kbdkf_counter_hmac(const struct krb5_hash_provider *hash, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *label, const krb5_data *context) + { +- size_t blocksize, keybytes, n; + krb5_error_code ret; +- krb5_data block = empty_data(); ++ EVP_KDF *kdf = NULL; ++ EVP_KDF_CTX *kctx = NULL; ++ OSSL_PARAM params[6]; ++ size_t i = 0; ++ char *digest; + +- blocksize = enc->block_size; +- keybytes = enc->keybytes; ++ /* On NULL hash, preserve default behavior for pbkdf2_string_to_key(). */ ++ if (hash == NULL || !strcmp(hash->hash_name, "SHA1")) { ++ digest = "SHA1"; ++ } else if (!strcmp(hash->hash_name, "SHA-256")) { ++ digest = "SHA256"; ++ } else if (!strcmp(hash->hash_name, "SHA-384")) { ++ digest = "SHA384"; ++ } else { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } + +- if (blocksize == 1) +- return KRB5_BAD_ENCTYPE; +- if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes) ++ kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); ++ if (!kdf) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ kctx = EVP_KDF_CTX_new(kdf); ++ if (!kctx) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, ++ digest, 0); ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, ++ "HMAC", 0); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, ++ inkey->keyblock.contents, ++ inkey->keyblock.length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, ++ context->data, ++ context->length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, ++ label->data, ++ label->length); ++ params[i] = OSSL_PARAM_construct_end(); ++ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length, ++ params) <= 0) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ ret = 0; ++done: ++ if (ret) ++ zap(outrnd->data, outrnd->length); ++ EVP_KDF_free(kdf); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static krb5_error_code ++openssl_kbkdf_feedback_cmac(const struct krb5_enc_provider *enc, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *in_constant) ++{ ++ krb5_error_code ret; ++ EVP_KDF *kdf = NULL; ++ EVP_KDF_CTX *kctx = NULL; ++ OSSL_PARAM params[7]; ++ size_t i = 0; ++ char *cipher; ++ static unsigned char zeroes[16]; ++ ++ memset(zeroes, 0, sizeof(zeroes)); ++ ++ if (!memcmp(enc, &krb5int_enc_camellia128, sizeof(*enc))) { ++ cipher = "CAMELLIA-128-CBC"; ++ } else if (!memcmp(enc, &krb5int_enc_camellia256, sizeof(*enc))) { ++ cipher = "CAMELLIA-256-CBC"; ++ } else { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ kdf = EVP_KDF_fetch(NULL, "KBKDF", NULL); ++ if (!kdf) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ kctx = EVP_KDF_CTX_new(kdf); ++ if (!kctx) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MODE, ++ "FEEDBACK", 0); ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_MAC, ++ "CMAC", 0); ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, ++ cipher, 0); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, ++ inkey->keyblock.contents, ++ inkey->keyblock.length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SALT, ++ in_constant->data, ++ in_constant->length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_SEED, ++ zeroes, sizeof(zeroes)); ++ params[i] = OSSL_PARAM_construct_end(); ++ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length, ++ params) <= 0) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ ret = 0; ++done: ++ if (ret) ++ zap(outrnd->data, outrnd->length); ++ EVP_KDF_free(kdf); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++static krb5_error_code ++openssl_krb5kdf(const struct krb5_enc_provider *enc, krb5_key inkey, ++ krb5_data *outrnd, const krb5_data *in_constant) ++{ ++ krb5_error_code ret; ++ EVP_KDF *kdf = NULL; ++ EVP_KDF_CTX *kctx = NULL; ++ OSSL_PARAM params[4]; ++ size_t i = 0; ++ char *cipher; ++ ++ if (inkey->keyblock.length != enc->keylength || ++ outrnd->length != enc->keybytes) { ++ return KRB5_CRYPTO_INTERNAL; ++ } ++ ++ if (!memcmp(enc, &krb5int_enc_aes128, sizeof(*enc))) { ++ cipher = "AES-128-CBC"; ++ } else if (!memcmp(enc, &krb5int_enc_aes256, sizeof(*enc))) { ++ cipher = "AES-256-CBC"; ++ } else { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ kdf = EVP_KDF_fetch(NULL, "KRB5KDF", NULL); ++ if (kdf == NULL) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ kctx = EVP_KDF_CTX_new(kdf); ++ if (kctx == NULL) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_CIPHER, ++ cipher, 0); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, ++ inkey->keyblock.contents, ++ inkey->keyblock.length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_CONSTANT, ++ in_constant->data, ++ in_constant->length); ++ params[i] = OSSL_PARAM_construct_end(); ++ if (EVP_KDF_derive(kctx, (unsigned char *)outrnd->data, outrnd->length, ++ params) <= 0) { ++ ret = KRB5_CRYPTO_INTERNAL; ++ goto done; ++ } ++ ++ ret = 0; ++done: ++ if (ret) ++ zap(outrnd->data, outrnd->length); ++ EVP_KDF_free(kdf); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++ ++#else /* HAVE_EVP_KDF_FETCH */ ++ ++/* ++ * NIST SP800-108 KDF in counter mode (section 5.1). ++ * Parameters: ++ * - HMAC (with hash as the hash provider) is the PRF. ++ * - A block counter of four bytes is used. ++ * - Four bytes are used to encode the output length in the PRF input. ++ * ++ * There are no uses requiring more than a single PRF invocation. ++ */ ++static krb5_error_code ++builtin_sp800_108_counter_hmac(const struct krb5_hash_provider *hash, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *label, ++ const krb5_data *context) ++{ ++ krb5_crypto_iov iov[5]; ++ krb5_error_code ret; ++ krb5_data prf; ++ unsigned char ibuf[4], lbuf[4]; ++ ++ if (hash == NULL || outrnd->length > hash->hashsize) + return KRB5_CRYPTO_INTERNAL; + + /* Allocate encryption data buffer. */ +- ret = alloc_data(&block, blocksize); ++ ret = alloc_data(&prf, hash->hashsize); + if (ret) + return ret; + +- /* Initialize the input block. */ +- if (in_constant->length == blocksize) { +- memcpy(block.data, in_constant->data, blocksize); +- } else { +- krb5int_nfold(in_constant->length * 8, +- (unsigned char *) in_constant->data, +- blocksize * 8, (unsigned char *) block.data); +- } ++ /* [i]2: four-byte big-endian binary string giving the block counter (1) */ ++ iov[0].flags = KRB5_CRYPTO_TYPE_DATA; ++ iov[0].data = make_data(ibuf, sizeof(ibuf)); ++ store_32_be(1, ibuf); ++ /* Label */ ++ iov[1].flags = KRB5_CRYPTO_TYPE_DATA; ++ iov[1].data = *label; ++ /* 0x00: separator byte */ ++ iov[2].flags = KRB5_CRYPTO_TYPE_DATA; ++ iov[2].data = make_data("", 1); ++ /* Context */ ++ iov[3].flags = KRB5_CRYPTO_TYPE_DATA; ++ iov[3].data = *context; ++ /* [L]2: four-byte big-endian binary string giving the output length */ ++ iov[4].flags = KRB5_CRYPTO_TYPE_DATA; ++ iov[4].data = make_data(lbuf, sizeof(lbuf)); ++ store_32_be(outrnd->length * 8, lbuf); + +- /* Loop encrypting the blocks until enough key bytes are generated. */ +- n = 0; +- while (n < keybytes) { +- ret = encrypt_block(enc, inkey, &block); +- if (ret) +- goto cleanup; +- +- if ((keybytes - n) <= blocksize) { +- memcpy(outrnd->data + n, block.data, (keybytes - n)); +- break; +- } +- +- memcpy(outrnd->data + n, block.data, blocksize); +- n += blocksize; +- } +- +-cleanup: +- zapfree(block.data, blocksize); ++ ret = krb5int_hmac(hash, inkey, iov, 5, &prf); ++ if (!ret) ++ memcpy(outrnd->data, prf.data, outrnd->length); ++ zapfree(prf.data, prf.length); + return ret; + } + +@@ -139,9 +341,9 @@ cleanup: + * - Four bytes are used to encode the output length in the PRF input. + */ + static krb5_error_code +-derive_random_sp800_108_feedback_cmac(const struct krb5_enc_provider *enc, +- krb5_key inkey, krb5_data *outrnd, +- const krb5_data *in_constant) ++builtin_sp800_108_feedback_cmac(const struct krb5_enc_provider *enc, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *in_constant) + { + size_t blocksize, keybytes, n; + krb5_crypto_iov iov[6]; +@@ -204,56 +406,94 @@ cleanup: + return ret; + } + +-/* +- * NIST SP800-108 KDF in counter mode (section 5.1). +- * Parameters: +- * - HMAC (with hash as the hash provider) is the PRF. +- * - A block counter of four bytes is used. +- * - Four bytes are used to encode the output length in the PRF input. +- * +- * There are no uses requiring more than a single PRF invocation. +- */ ++static krb5_error_code ++builtin_derive_random_rfc3961(const struct krb5_enc_provider *enc, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *in_constant) ++{ ++ size_t blocksize, keybytes, n; ++ krb5_error_code ret; ++ krb5_data block = empty_data(); ++ ++ blocksize = enc->block_size; ++ keybytes = enc->keybytes; ++ ++ if (blocksize == 1) ++ return KRB5_BAD_ENCTYPE; ++ if (inkey->keyblock.length != enc->keylength || outrnd->length != keybytes) ++ return KRB5_CRYPTO_INTERNAL; ++ ++ /* Allocate encryption data buffer. */ ++ ret = alloc_data(&block, blocksize); ++ if (ret) ++ return ret; ++ ++ /* Initialize the input block. */ ++ if (in_constant->length == blocksize) { ++ memcpy(block.data, in_constant->data, blocksize); ++ } else { ++ krb5int_nfold(in_constant->length * 8, ++ (unsigned char *) in_constant->data, ++ blocksize * 8, (unsigned char *) block.data); ++ } ++ ++ /* Loop encrypting the blocks until enough key bytes are generated. */ ++ n = 0; ++ while (n < keybytes) { ++ ret = encrypt_block(enc, inkey, &block); ++ if (ret) ++ goto cleanup; ++ ++ if ((keybytes - n) <= blocksize) { ++ memcpy(outrnd->data + n, block.data, (keybytes - n)); ++ break; ++ } ++ ++ memcpy(outrnd->data + n, block.data, blocksize); ++ n += blocksize; ++ } ++ ++cleanup: ++ zapfree(block.data, blocksize); ++ return ret; ++} ++#endif /* HAVE_EVP_KDF_FETCH */ ++ + krb5_error_code + k5_sp800_108_counter_hmac(const struct krb5_hash_provider *hash, + krb5_key inkey, krb5_data *outrnd, + const krb5_data *label, const krb5_data *context) + { +- krb5_crypto_iov iov[5]; +- krb5_error_code ret; +- krb5_data prf; +- unsigned char ibuf[4], lbuf[4]; ++#ifdef HAVE_EVP_KDF_FETCH ++ return openssl_kbdkf_counter_hmac(hash, inkey, outrnd, label, context); ++#else ++ return builtin_sp800_108_counter_hmac(hash, inkey, outrnd, label, ++ context); ++#endif ++} + +- if (hash == NULL || outrnd->length > hash->hashsize) +- return KRB5_CRYPTO_INTERNAL; ++static krb5_error_code ++sp800_108_feedback_cmac(const struct krb5_enc_provider *enc, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *in_constant) ++{ ++#ifdef HAVE_EVP_KDF_FETCH ++ return openssl_kbkdf_feedback_cmac(enc, inkey, outrnd, in_constant); ++#else ++ return builtin_sp800_108_feedback_cmac(enc, inkey, outrnd, in_constant); ++#endif ++} + +- /* Allocate encryption data buffer. */ +- ret = alloc_data(&prf, hash->hashsize); +- if (ret) +- return ret; +- +- /* [i]2: four-byte big-endian binary string giving the block counter (1) */ +- iov[0].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[0].data = make_data(ibuf, sizeof(ibuf)); +- store_32_be(1, ibuf); +- /* Label */ +- iov[1].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[1].data = *label; +- /* 0x00: separator byte */ +- iov[2].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[2].data = make_data("", 1); +- /* Context */ +- iov[3].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[3].data = *context; +- /* [L]2: four-byte big-endian binary string giving the output length */ +- iov[4].flags = KRB5_CRYPTO_TYPE_DATA; +- iov[4].data = make_data(lbuf, sizeof(lbuf)); +- store_32_be(outrnd->length * 8, lbuf); +- +- ret = krb5int_hmac(hash, inkey, iov, 5, &prf); +- if (!ret) +- memcpy(outrnd->data, prf.data, outrnd->length); +- zapfree(prf.data, prf.length); +- return ret; ++static krb5_error_code ++derive_random_rfc3961(const struct krb5_enc_provider *enc, ++ krb5_key inkey, krb5_data *outrnd, ++ const krb5_data *in_constant) ++{ ++#ifdef HAVE_EVP_KDF_FETCH ++ return openssl_krb5kdf(enc, inkey, outrnd, in_constant); ++#else ++ return builtin_derive_random_rfc3961(enc, inkey, outrnd, in_constant); ++#endif + } + + krb5_error_code +@@ -268,8 +508,7 @@ krb5int_derive_random(const struct krb5_enc_provider *enc, + case DERIVE_RFC3961: + return derive_random_rfc3961(enc, inkey, outrnd, in_constant); + case DERIVE_SP800_108_CMAC: +- return derive_random_sp800_108_feedback_cmac(enc, inkey, outrnd, +- in_constant); ++ return sp800_108_feedback_cmac(enc, inkey, outrnd, in_constant); + case DERIVE_SP800_108_HMAC: + return k5_sp800_108_counter_hmac(hash, inkey, outrnd, in_constant, + &empty); diff --git a/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch b/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch new file mode 100644 index 0000000..0a9cde1 --- /dev/null +++ b/SOURCES/Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch @@ -0,0 +1,408 @@ +From 8bbb492f2be1418e1e4bb2cf197414810dac9589 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 20 Sep 2019 17:20:59 -0400 +Subject: [PATCH] Use OpenSSL's SSKDF in PKINIT when available + +Starting in 3.0, OpenSSL implements SSKDF, which is the basis of our +id-pkinit-kdf (RFC 8636). Factor out common setup code around +other_info. Adjust code to comply to existing style. + +(cherry picked from commit 4376a22e41fb639be31daf81275a332d3f930996) +--- + .../preauth/pkinit/pkinit_crypto_openssl.c | 294 +++++++++++------- + 1 file changed, 181 insertions(+), 113 deletions(-) + +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +index e1153344e..350c2118a 100644 +--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c ++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +@@ -38,6 +38,12 @@ + #include + #include + ++#ifdef HAVE_EVP_KDF_FETCH ++#include ++#include ++#include ++#endif ++ + static krb5_error_code pkinit_init_pkinit_oids(pkinit_plg_crypto_context ); + static void pkinit_fini_pkinit_oids(pkinit_plg_crypto_context ); + +@@ -2294,15 +2300,16 @@ cleanup: + } + + +-/** ++/* + * Given an algorithm_identifier, this function returns the hash length + * and EVP function associated with that algorithm. ++ * ++ * RFC 8636 defines a SHA384 variant, but we don't use it. + */ + static krb5_error_code +-pkinit_alg_values(krb5_context context, +- const krb5_data *alg_id, +- size_t *hash_bytes, +- const EVP_MD *(**func)(void)) ++pkinit_alg_values(krb5_context context, const krb5_data *alg_id, ++ size_t *hash_bytes, const EVP_MD *(**func)(void), ++ char **hash_name) + { + *hash_bytes = 0; + *func = NULL; +@@ -2311,18 +2318,21 @@ pkinit_alg_values(krb5_context context, + krb5_pkinit_sha1_oid_len))) { + *hash_bytes = 20; + *func = &EVP_sha1; ++ *hash_name = strdup("SHA1"); + return 0; + } else if ((alg_id->length == krb5_pkinit_sha256_oid_len) && + (0 == memcmp(alg_id->data, krb5_pkinit_sha256_oid, + krb5_pkinit_sha256_oid_len))) { + *hash_bytes = 32; + *func = &EVP_sha256; ++ *hash_name = strdup("SHA256"); + return 0; + } else if ((alg_id->length == krb5_pkinit_sha512_oid_len) && + (0 == memcmp(alg_id->data, krb5_pkinit_sha512_oid, + krb5_pkinit_sha512_oid_len))) { + *hash_bytes = 64; + *func = &EVP_sha512; ++ *hash_name = strdup("SHA512"); + return 0; + } else { + krb5_set_error_message(context, KRB5_ERR_BAD_S2K_PARAMS, +@@ -2331,11 +2341,60 @@ pkinit_alg_values(krb5_context context, + } + } /* pkinit_alg_values() */ + ++#ifdef HAVE_EVP_KDF_FETCH ++static krb5_error_code ++openssl_sskdf(krb5_context context, size_t hash_bytes, krb5_data *key, ++ krb5_data *info, char *out, size_t out_len, char *digest) ++{ ++ krb5_error_code ret; ++ EVP_KDF *kdf = NULL; ++ EVP_KDF_CTX *kctx = NULL; ++ OSSL_PARAM params[4]; ++ size_t i = 0; + +-/* pkinit_alg_agility_kdf() -- +- * This function generates a key using the KDF described in +- * draft_ietf_krb_wg_pkinit_alg_agility-04.txt. The algorithm is +- * described as follows: ++ if (digest == NULL) { ++ ret = oerr(context, ENOMEM, ++ _("Failed to allocate space for digest algorithm name")); ++ goto done; ++ } ++ ++ kdf = EVP_KDF_fetch(NULL, "SSKDF", NULL); ++ if (kdf == NULL) { ++ ret = oerr(context, KRB5_CRYPTO_INTERNAL, _("Failed to fetch SSKDF")); ++ goto done; ++ } ++ ++ kctx = EVP_KDF_CTX_new(kdf); ++ if (!kctx) { ++ ret = oerr(context, KRB5_CRYPTO_INTERNAL, ++ _("Failed to instantiate SSKDF")); ++ goto done; ++ } ++ ++ params[i++] = OSSL_PARAM_construct_utf8_string(OSSL_KDF_PARAM_DIGEST, ++ digest, 0); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_KEY, ++ key->data, key->length); ++ params[i++] = OSSL_PARAM_construct_octet_string(OSSL_KDF_PARAM_INFO, ++ info->data, info->length); ++ params[i] = OSSL_PARAM_construct_end(); ++ if (EVP_KDF_derive(kctx, (unsigned char *)out, out_len, params) <= 0) { ++ ret = oerr(context, KRB5_CRYPTO_INTERNAL, ++ _("Failed to derive key using SSKDF")); ++ goto done; ++ } ++ ++ ret = 0; ++done: ++ EVP_KDF_free(kdf); ++ EVP_KDF_CTX_free(kctx); ++ return ret; ++} ++#else ++/* ++ * Generate a key using the KDF described in RFC 8636, also known as SSKDF ++ * (single-step kdf). Our caller precomputes `reps`, but otherwise the ++ * algorithm is as follows: + * + * 1. reps = keydatalen (K) / hash length (H) + * +@@ -2349,95 +2408,16 @@ pkinit_alg_values(krb5_context context, + * + * 4. Set key = Hash1 || Hash2 || ... so that length of key is K bytes. + */ +-krb5_error_code +-pkinit_alg_agility_kdf(krb5_context context, +- krb5_data *secret, +- krb5_data *alg_oid, +- krb5_const_principal party_u_info, +- krb5_const_principal party_v_info, +- krb5_enctype enctype, +- krb5_data *as_req, +- krb5_data *pk_as_rep, +- krb5_keyblock *key_block) ++static krb5_error_code ++builtin_sskdf(krb5_context context, unsigned int reps, size_t hash_len, ++ const EVP_MD *(*EVP_func)(void), krb5_data *secret, ++ krb5_data *other_info, char *out, size_t out_len) + { +- krb5_error_code retval = 0; ++ krb5_error_code ret = 0; + +- unsigned int reps = 0; +- uint32_t counter = 1; /* Does this type work on Windows? */ ++ uint32_t counter = 1; + size_t offset = 0; +- size_t hash_len = 0; +- size_t rand_len = 0; +- size_t key_len = 0; +- krb5_data random_data; +- krb5_sp80056a_other_info other_info_fields; +- krb5_pkinit_supp_pub_info supp_pub_info_fields; +- krb5_data *other_info = NULL; +- krb5_data *supp_pub_info = NULL; +- krb5_algorithm_identifier alg_id; + EVP_MD_CTX *ctx = NULL; +- const EVP_MD *(*EVP_func)(void); +- +- /* initialize random_data here to make clean-up safe */ +- random_data.length = 0; +- random_data.data = NULL; +- +- /* allocate and initialize the key block */ +- key_block->magic = 0; +- key_block->enctype = enctype; +- if (0 != (retval = krb5_c_keylengths(context, enctype, &rand_len, +- &key_len))) +- goto cleanup; +- +- random_data.length = rand_len; +- key_block->length = key_len; +- +- if (NULL == (key_block->contents = malloc(key_block->length))) { +- retval = ENOMEM; +- goto cleanup; +- } +- +- memset (key_block->contents, 0, key_block->length); +- +- /* If this is anonymous pkinit, use the anonymous principle for party_u_info */ +- if (party_u_info && krb5_principal_compare_any_realm(context, party_u_info, +- krb5_anonymous_principal())) +- party_u_info = (krb5_principal)krb5_anonymous_principal(); +- +- if (0 != (retval = pkinit_alg_values(context, alg_oid, &hash_len, &EVP_func))) +- goto cleanup; +- +- /* 1. reps = keydatalen (K) / hash length (H) */ +- reps = key_block->length/hash_len; +- +- /* ... and round up, if necessary */ +- if (key_block->length > (reps * hash_len)) +- reps++; +- +- /* Allocate enough space in the random data buffer to hash directly into +- * it, even if the last hash will make it bigger than the key length. */ +- if (NULL == (random_data.data = malloc(reps * hash_len))) { +- retval = ENOMEM; +- goto cleanup; +- } +- +- /* Encode the ASN.1 octet string for "SuppPubInfo" */ +- supp_pub_info_fields.enctype = enctype; +- supp_pub_info_fields.as_req = *as_req; +- supp_pub_info_fields.pk_as_rep = *pk_as_rep; +- if (0 != ((retval = encode_krb5_pkinit_supp_pub_info(&supp_pub_info_fields, +- &supp_pub_info)))) +- goto cleanup; +- +- /* Now encode the ASN.1 octet string for "OtherInfo" */ +- memset(&alg_id, 0, sizeof alg_id); +- alg_id.algorithm = *alg_oid; /*alias*/ +- +- other_info_fields.algorithm_identifier = alg_id; +- other_info_fields.party_u_info = (krb5_principal) party_u_info; +- other_info_fields.party_v_info = (krb5_principal) party_v_info; +- other_info_fields.supp_pub_info = *supp_pub_info; +- if (0 != (retval = encode_krb5_sp80056a_other_info(&other_info_fields, &other_info))) +- goto cleanup; + + /* 2. Initialize a 32-bit, big-endian bit string counter as 1. + * 3. For i = 1 to reps by 1, do the following: +@@ -2450,7 +2430,7 @@ pkinit_alg_agility_kdf(krb5_context context, + + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) { +- retval = KRB5_CRYPTO_INTERNAL; ++ ret = KRB5_CRYPTO_INTERNAL; + goto cleanup; + } + +@@ -2458,7 +2438,7 @@ pkinit_alg_agility_kdf(krb5_context context, + if (!EVP_DigestInit(ctx, EVP_func())) { + krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL, + "Call to OpenSSL EVP_DigestInit() returned an error."); +- retval = KRB5_CRYPTO_INTERNAL; ++ ret = KRB5_CRYPTO_INTERNAL; + goto cleanup; + } + +@@ -2467,15 +2447,16 @@ pkinit_alg_agility_kdf(krb5_context context, + !EVP_DigestUpdate(ctx, other_info->data, other_info->length)) { + krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL, + "Call to OpenSSL EVP_DigestUpdate() returned an error."); +- retval = KRB5_CRYPTO_INTERNAL; ++ ret = KRB5_CRYPTO_INTERNAL; + goto cleanup; + } + +- /* 4. Set key = Hash1 || Hash2 || ... so that length of key is K bytes. */ +- if (!EVP_DigestFinal(ctx, (uint8_t *)random_data.data + offset, &s)) { ++ /* 4. Set key = Hash1 || Hash2 || ... so that length of key is K ++ * bytes. */ ++ if (!EVP_DigestFinal(ctx, (unsigned char *)out + offset, &s)) { + krb5_set_error_message(context, KRB5_CRYPTO_INTERNAL, + "Call to OpenSSL EVP_DigestUpdate() returned an error."); +- retval = KRB5_CRYPTO_INTERNAL; ++ ret = KRB5_CRYPTO_INTERNAL; + goto cleanup; + } + offset += s; +@@ -2484,26 +2465,113 @@ pkinit_alg_agility_kdf(krb5_context context, + EVP_MD_CTX_free(ctx); + ctx = NULL; + } +- +- retval = krb5_c_random_to_key(context, enctype, &random_data, +- key_block); +- + cleanup: + EVP_MD_CTX_free(ctx); ++ return ret; ++} /* builtin_sskdf() */ ++#endif /* HAVE_EVP_KDF_FETCH */ + +- /* If this has been an error, free the allocated key_block, if any */ +- if (retval) { +- krb5_free_keyblock_contents(context, key_block); ++/* id-pkinit-kdf family, as specified by RFC 8636. */ ++krb5_error_code ++pkinit_alg_agility_kdf(krb5_context context, krb5_data *secret, ++ krb5_data *alg_oid, krb5_const_principal party_u_info, ++ krb5_const_principal party_v_info, ++ krb5_enctype enctype, krb5_data *as_req, ++ krb5_data *pk_as_rep, krb5_keyblock *key_block) ++{ ++ krb5_error_code ret; ++ size_t hash_len = 0, rand_len = 0, key_len = 0; ++ const EVP_MD *(*EVP_func)(void); ++ krb5_sp80056a_other_info other_info_fields; ++ krb5_pkinit_supp_pub_info supp_pub_info_fields; ++ krb5_data *other_info = NULL, *supp_pub_info = NULL; ++ krb5_data random_data = empty_data(); ++ krb5_algorithm_identifier alg_id; ++ unsigned int reps; ++ char *hash_name = NULL; ++ ++ /* Allocate and initialize the key block. */ ++ key_block->magic = 0; ++ key_block->enctype = enctype; ++ ++ /* Use separate variables to avoid alignment restriction problems. */ ++ ret = krb5_c_keylengths(context, enctype, &rand_len, &key_len); ++ if (ret) ++ goto cleanup; ++ random_data.length = rand_len; ++ key_block->length = key_len; ++ ++ key_block->contents = k5calloc(key_block->length, 1, &ret); ++ if (key_block->contents == NULL) ++ goto cleanup; ++ ++ /* If this is anonymous pkinit, use the anonymous principle for ++ * party_u_info. */ ++ if (party_u_info && ++ krb5_principal_compare_any_realm(context, party_u_info, ++ krb5_anonymous_principal())) { ++ party_u_info = (krb5_principal)krb5_anonymous_principal(); + } + +- /* free other allocated resources, either way */ +- if (random_data.data) +- free(random_data.data); ++ ret = pkinit_alg_values(context, alg_oid, &hash_len, &EVP_func, ++ &hash_name); ++ if (ret) ++ goto cleanup; ++ ++ /* 1. reps = keydatalen (K) / hash length (H) */ ++ reps = key_block->length / hash_len; ++ ++ /* ... and round up, if necessary. */ ++ if (key_block->length > (reps * hash_len)) ++ reps++; ++ ++ /* Allocate enough space in the random data buffer to hash directly into ++ * it, even if the last hash will make it bigger than the key length. */ ++ random_data.data = k5alloc(reps * hash_len, &ret); ++ if (random_data.data == NULL) ++ goto cleanup; ++ ++ /* Encode the ASN.1 octet string for "SuppPubInfo". */ ++ supp_pub_info_fields.enctype = enctype; ++ supp_pub_info_fields.as_req = *as_req; ++ supp_pub_info_fields.pk_as_rep = *pk_as_rep; ++ ret = encode_krb5_pkinit_supp_pub_info(&supp_pub_info_fields, ++ &supp_pub_info); ++ if (ret) ++ goto cleanup; ++ ++ /* Now encode the ASN.1 octet string for "OtherInfo". */ ++ memset(&alg_id, 0, sizeof(alg_id)); ++ alg_id.algorithm = *alg_oid; ++ other_info_fields.algorithm_identifier = alg_id; ++ other_info_fields.party_u_info = (krb5_principal)party_u_info; ++ other_info_fields.party_v_info = (krb5_principal)party_v_info; ++ other_info_fields.supp_pub_info = *supp_pub_info; ++ ret = encode_krb5_sp80056a_other_info(&other_info_fields, &other_info); ++ if (ret) ++ goto cleanup; ++ ++#ifdef HAVE_EVP_KDF_FETCH ++ ret = openssl_sskdf(context, hash_len, secret, other_info, ++ random_data.data, key_block->length, hash_name); ++#else ++ ret = builtin_sskdf(context, reps, hash_len, EVP_func, secret, ++ other_info, random_data.data, key_block->length); ++#endif ++ if (ret) ++ goto cleanup; ++ ++ ret = krb5_c_random_to_key(context, enctype, &random_data, key_block); ++cleanup: ++ if (ret) ++ krb5_free_keyblock_contents(context, key_block); ++ ++ free(hash_name); ++ zapfree(random_data.data, random_data.length); + krb5_free_data(context, other_info); + krb5_free_data(context, supp_pub_info); +- +- return retval; +-} /*pkinit_alg_agility_kdf() */ ++ return ret; ++} + + /* Call DH_compute_key() and ensure that we left-pad short results instead of + * leaving junk bytes at the end of the buffer. */ diff --git a/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch b/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch new file mode 100644 index 0000000..3de59f1 --- /dev/null +++ b/SOURCES/downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch @@ -0,0 +1,602 @@ +From d2b050a5acfacd8d400560ae097f6d5f392d7398 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Fri, 9 Nov 2018 15:12:21 -0500 +Subject: [PATCH] [downstream] FIPS with PRNG and RADIUS and MD4 + +NB: Use openssl's PRNG in FIPS mode and taint within krad. + +A lot of the FIPS error conditions from OpenSSL are incredibly +mysterious (at best, things return NULL unexpectedly; at worst, +internal assertions are tripped; most of the time, you just get +ENOMEM). In order to cope with this, we need to have some level of +awareness of what we can and can't safely call. + +This will slow down some calls slightly (FIPS_mode() takes multiple +locks), but not for any ciphers we care about - which is to say that +AES is fine. Shame about SPAKE though. + +post6 restores MD4 (and therefore keygen-only RC4). + +post7 restores MD5 and adds radius_md5_fips_override. + +Last-updated: krb5-1.17 +--- + doc/admin/conf_files/krb5_conf.rst | 6 +++ + src/lib/crypto/krb/prng.c | 11 ++++- + .../crypto/openssl/enc_provider/camellia.c | 6 +++ + src/lib/crypto/openssl/enc_provider/rc4.c | 13 +++++- + .../crypto/openssl/hash_provider/hash_evp.c | 12 +++++ + src/lib/crypto/openssl/hmac.c | 6 ++- + src/lib/krad/attr.c | 46 ++++++++++++++----- + src/lib/krad/attrset.c | 5 +- + src/lib/krad/internal.h | 28 ++++++++++- + src/lib/krad/packet.c | 22 +++++---- + src/lib/krad/remote.c | 10 +++- + src/lib/krad/t_attr.c | 3 +- + src/lib/krad/t_attrset.c | 4 +- + src/plugins/preauth/spake/spake_client.c | 6 +++ + src/plugins/preauth/spake/spake_kdc.c | 6 +++ + 15 files changed, 151 insertions(+), 33 deletions(-) + +diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst +index 675175955..adba8238d 100644 +--- a/doc/admin/conf_files/krb5_conf.rst ++++ b/doc/admin/conf_files/krb5_conf.rst +@@ -330,6 +330,12 @@ The libdefaults section may contain any of the following relations: + qualification of shortnames, set this relation to the empty string + with ``qualify_shortname = ""``. (New in release 1.18.) + ++**radius_md5_fips_override** ++ Downstream-only option to enable use of MD5 in RADIUS ++ communication (libkrad). This allows for local (or protected ++ tunnel) communication with a RADIUS server that doesn't use krad ++ (e.g., freeradius) while in FIPS mode. ++ + **rdns** + If this flag is true, reverse name lookup will be used in addition + to forward name lookup to canonicalizing hostnames for use in +diff --git a/src/lib/crypto/krb/prng.c b/src/lib/crypto/krb/prng.c +index cb9ca9b98..f0e9984ca 100644 +--- a/src/lib/crypto/krb/prng.c ++++ b/src/lib/crypto/krb/prng.c +@@ -26,6 +26,8 @@ + + #include "crypto_int.h" + ++#include ++ + krb5_error_code KRB5_CALLCONV + krb5_c_random_seed(krb5_context context, krb5_data *data) + { +@@ -99,9 +101,16 @@ krb5_boolean + k5_get_os_entropy(unsigned char *buf, size_t len, int strong) + { + const char *device; +-#if defined(__linux__) && defined(SYS_getrandom) + int r; + ++ /* A wild FIPS mode appeared! */ ++ if (FIPS_mode()) { ++ /* The return codes on this API are not good */ ++ r = RAND_bytes(buf, len); ++ return r == 1; ++ } ++ ++#if defined(__linux__) && defined(SYS_getrandom) + while (len > 0) { + /* + * Pull from the /dev/urandom pool, but require it to have been seeded. +diff --git a/src/lib/crypto/openssl/enc_provider/camellia.c b/src/lib/crypto/openssl/enc_provider/camellia.c +index 2da691329..f79679a0b 100644 +--- a/src/lib/crypto/openssl/enc_provider/camellia.c ++++ b/src/lib/crypto/openssl/enc_provider/camellia.c +@@ -304,6 +304,9 @@ krb5int_camellia_cbc_mac(krb5_key key, const krb5_crypto_iov *data, + unsigned char blockY[CAMELLIA_BLOCK_SIZE], blockB[CAMELLIA_BLOCK_SIZE]; + struct iov_cursor cursor; + ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + if (output->length < CAMELLIA_BLOCK_SIZE) + return KRB5_BAD_MSIZE; + +@@ -331,6 +334,9 @@ static krb5_error_code + krb5int_camellia_init_state (const krb5_keyblock *key, krb5_keyusage usage, + krb5_data *state) + { ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + state->length = 16; + state->data = (void *) malloc(16); + if (state->data == NULL) +diff --git a/src/lib/crypto/openssl/enc_provider/rc4.c b/src/lib/crypto/openssl/enc_provider/rc4.c +index bc87c6f42..9bf407899 100644 +--- a/src/lib/crypto/openssl/enc_provider/rc4.c ++++ b/src/lib/crypto/openssl/enc_provider/rc4.c +@@ -66,6 +66,9 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data, + EVP_CIPHER_CTX *ctx = NULL; + struct arcfour_state *arcstate; + ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + arcstate = (state != NULL) ? (void *)state->data : NULL; + if (arcstate != NULL) { + ctx = arcstate->ctx; +@@ -113,7 +116,12 @@ k5_arcfour_docrypt(krb5_key key, const krb5_data *state, krb5_crypto_iov *data, + static void + k5_arcfour_free_state(krb5_data *state) + { +- struct arcfour_state *arcstate = (void *)state->data; ++ struct arcfour_state *arcstate; ++ ++ if (FIPS_mode()) ++ return; ++ ++ arcstate = (void *) state->data; + + EVP_CIPHER_CTX_free(arcstate->ctx); + free(arcstate); +@@ -125,6 +133,9 @@ k5_arcfour_init_state(const krb5_keyblock *key, + { + struct arcfour_state *arcstate; + ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + /* + * The cipher state here is a saved pointer to a struct arcfour_state + * object, rather than a flat byte array as in most enc providers. The +diff --git a/src/lib/crypto/openssl/hash_provider/hash_evp.c b/src/lib/crypto/openssl/hash_provider/hash_evp.c +index 1e0fb8fc3..2eb5139c0 100644 +--- a/src/lib/crypto/openssl/hash_provider/hash_evp.c ++++ b/src/lib/crypto/openssl/hash_provider/hash_evp.c +@@ -49,6 +49,11 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data, + if (ctx == NULL) + return ENOMEM; + ++ if (type == EVP_md4() || type == EVP_md5()) { ++ /* See comments below in hash_md4() and hash_md5(). */ ++ EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW); ++ } ++ + ok = EVP_DigestInit_ex(ctx, type, NULL); + for (i = 0; i < num_data; i++) { + if (!SIGN_IOV(&data[i])) +@@ -64,12 +69,19 @@ hash_evp(const EVP_MD *type, const krb5_crypto_iov *data, size_t num_data, + static krb5_error_code + hash_md4(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) + { ++ /* ++ * MD4 is needed in FIPS mode to perform key generation for RC4 keys used ++ * by IPA. These keys are only used along a (separately) secured channel ++ * for legacy reasons when performing trusts to Active Directory. ++ */ + return hash_evp(EVP_md4(), data, num_data, output); + } + + static krb5_error_code + hash_md5(const krb5_crypto_iov *data, size_t num_data, krb5_data *output) + { ++ /* MD5 is needed in FIPS mode for communication with RADIUS servers. This ++ * is gated in libkrad by libdefaults->radius_md5_fips_override. */ + return hash_evp(EVP_md5(), data, num_data, output); + } + +diff --git a/src/lib/crypto/openssl/hmac.c b/src/lib/crypto/openssl/hmac.c +index 7dc59dcc0..769a50c00 100644 +--- a/src/lib/crypto/openssl/hmac.c ++++ b/src/lib/crypto/openssl/hmac.c +@@ -103,7 +103,11 @@ map_digest(const struct krb5_hash_provider *hash) + return EVP_sha256(); + else if (!strncmp(hash->hash_name, "SHA-384",7)) + return EVP_sha384(); +- else if (!strncmp(hash->hash_name, "MD5", 3)) ++ ++ if (FIPS_mode()) ++ return NULL; ++ ++ if (!strncmp(hash->hash_name, "MD5", 3)) + return EVP_md5(); + else if (!strncmp(hash->hash_name, "MD4", 3)) + return EVP_md4(); +diff --git a/src/lib/krad/attr.c b/src/lib/krad/attr.c +index 9c13d9d75..42d354a3b 100644 +--- a/src/lib/krad/attr.c ++++ b/src/lib/krad/attr.c +@@ -38,7 +38,8 @@ + typedef krb5_error_code + (*attribute_transform_fn)(krb5_context ctx, const char *secret, + const unsigned char *auth, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen); ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *is_fips); + + typedef struct { + const char *name; +@@ -51,12 +52,14 @@ typedef struct { + static krb5_error_code + user_password_encode(krb5_context ctx, const char *secret, + const unsigned char *auth, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen); ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *is_fips); + + static krb5_error_code + user_password_decode(krb5_context ctx, const char *secret, + const unsigned char *auth, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen); ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *ignored); + + static const attribute_record attributes[UCHAR_MAX] = { + {"User-Name", 1, MAX_ATTRSIZE, NULL, NULL}, +@@ -128,7 +131,8 @@ static const attribute_record attributes[UCHAR_MAX] = { + static krb5_error_code + user_password_encode(krb5_context ctx, const char *secret, + const unsigned char *auth, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen) ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *is_fips) + { + const unsigned char *indx; + krb5_error_code retval; +@@ -154,8 +158,15 @@ user_password_encode(krb5_context ctx, const char *secret, + for (blck = 0, indx = auth; blck * BLOCKSIZE < len; blck++) { + memcpy(tmp.data + seclen, indx, BLOCKSIZE); + +- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp, +- &sum); ++ if (kr_use_fips(ctx)) { ++ /* Skip encryption here. Taint so that we won't pass it out of ++ * the machine by accident. */ ++ *is_fips = TRUE; ++ sum.contents = calloc(1, BLOCKSIZE); ++ } else { ++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &tmp, ++ &sum); ++ } + if (retval != 0) { + zap(tmp.data, tmp.length); + zap(outbuf, len); +@@ -180,7 +191,8 @@ user_password_encode(krb5_context ctx, const char *secret, + static krb5_error_code + user_password_decode(krb5_context ctx, const char *secret, + const unsigned char *auth, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen) ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *is_fips) + { + const unsigned char *indx; + krb5_error_code retval; +@@ -204,8 +216,15 @@ user_password_decode(krb5_context ctx, const char *secret, + for (blck = 0, indx = auth; blck * BLOCKSIZE < in->length; blck++) { + memcpy(tmp.data + seclen, indx, BLOCKSIZE); + +- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, +- &tmp, &sum); ++ if (kr_use_fips(ctx)) { ++ /* Skip encryption here. Taint so that we won't pass it out of ++ * the machine by accident. */ ++ *is_fips = TRUE; ++ sum.contents = calloc(1, BLOCKSIZE); ++ } else { ++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, ++ &tmp, &sum); ++ } + if (retval != 0) { + zap(tmp.data, tmp.length); + zap(outbuf, in->length); +@@ -248,7 +267,7 @@ krb5_error_code + kr_attr_encode(krb5_context ctx, const char *secret, + const unsigned char *auth, krad_attr type, + const krb5_data *in, unsigned char outbuf[MAX_ATTRSIZE], +- size_t *outlen) ++ size_t *outlen, krb5_boolean *is_fips) + { + krb5_error_code retval; + +@@ -265,7 +284,8 @@ kr_attr_encode(krb5_context ctx, const char *secret, + return 0; + } + +- return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen); ++ return attributes[type - 1].encode(ctx, secret, auth, in, outbuf, outlen, ++ is_fips); + } + + krb5_error_code +@@ -274,6 +294,7 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth, + unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen) + { + krb5_error_code retval; ++ krb5_boolean ignored; + + retval = kr_attr_valid(type, in); + if (retval != 0) +@@ -288,7 +309,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth, + return 0; + } + +- return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen); ++ return attributes[type - 1].decode(ctx, secret, auth, in, outbuf, outlen, ++ &ignored); + } + + krad_attr +diff --git a/src/lib/krad/attrset.c b/src/lib/krad/attrset.c +index 03c613716..d89982a13 100644 +--- a/src/lib/krad/attrset.c ++++ b/src/lib/krad/attrset.c +@@ -167,7 +167,8 @@ krad_attrset_copy(const krad_attrset *set, krad_attrset **copy) + krb5_error_code + kr_attrset_encode(const krad_attrset *set, const char *secret, + const unsigned char *auth, +- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen) ++ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen, ++ krb5_boolean *is_fips) + { + unsigned char buffer[MAX_ATTRSIZE]; + krb5_error_code retval; +@@ -181,7 +182,7 @@ kr_attrset_encode(const krad_attrset *set, const char *secret, + + K5_TAILQ_FOREACH(a, &set->list, list) { + retval = kr_attr_encode(set->ctx, secret, auth, a->type, &a->attr, +- buffer, &attrlen); ++ buffer, &attrlen, is_fips); + if (retval != 0) + return retval; + +diff --git a/src/lib/krad/internal.h b/src/lib/krad/internal.h +index 0143d155a..223ffd730 100644 +--- a/src/lib/krad/internal.h ++++ b/src/lib/krad/internal.h +@@ -39,6 +39,8 @@ + #include + #include + ++#include ++ + #ifndef UCHAR_MAX + #define UCHAR_MAX 255 + #endif +@@ -49,6 +51,13 @@ + + typedef struct krad_remote_st krad_remote; + ++struct krad_packet_st { ++ char buffer[KRAD_PACKET_SIZE_MAX]; ++ krad_attrset *attrset; ++ krb5_data pkt; ++ krb5_boolean is_fips; ++}; ++ + /* Validate constraints of an attribute. */ + krb5_error_code + kr_attr_valid(krad_attr type, const krb5_data *data); +@@ -57,7 +66,8 @@ kr_attr_valid(krad_attr type, const krb5_data *data); + krb5_error_code + kr_attr_encode(krb5_context ctx, const char *secret, const unsigned char *auth, + krad_attr type, const krb5_data *in, +- unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen); ++ unsigned char outbuf[MAX_ATTRSIZE], size_t *outlen, ++ krb5_boolean *is_fips); + + /* Decode an attribute. */ + krb5_error_code +@@ -69,7 +79,8 @@ kr_attr_decode(krb5_context ctx, const char *secret, const unsigned char *auth, + krb5_error_code + kr_attrset_encode(const krad_attrset *set, const char *secret, + const unsigned char *auth, +- unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen); ++ unsigned char outbuf[MAX_ATTRSETSIZE], size_t *outlen, ++ krb5_boolean *is_fips); + + /* Decode attributes from a buffer. */ + krb5_error_code +@@ -152,4 +163,17 @@ gai_error_code(int err) + } + } + ++static inline krb5_boolean ++kr_use_fips(krb5_context ctx) ++{ ++ int val = 0; ++ ++ if (!FIPS_mode()) ++ return 0; ++ ++ profile_get_boolean(ctx->profile, "libdefaults", ++ "radius_md5_fips_override", NULL, 0, &val); ++ return !val; ++} ++ + #endif /* INTERNAL_H_ */ +diff --git a/src/lib/krad/packet.c b/src/lib/krad/packet.c +index c597174b6..fc2d24800 100644 +--- a/src/lib/krad/packet.c ++++ b/src/lib/krad/packet.c +@@ -53,12 +53,6 @@ typedef unsigned char uchar; + #define pkt_auth(p) ((uchar *)offset(&(p)->pkt, OFFSET_AUTH)) + #define pkt_attr(p) ((unsigned char *)offset(&(p)->pkt, OFFSET_ATTR)) + +-struct krad_packet_st { +- char buffer[KRAD_PACKET_SIZE_MAX]; +- krad_attrset *attrset; +- krb5_data pkt; +-}; +- + typedef struct { + uchar x[(UCHAR_MAX + 1) / 8]; + } idmap; +@@ -187,8 +181,14 @@ auth_generate_response(krb5_context ctx, const char *secret, + memcpy(data.data + response->pkt.length, secret, strlen(secret)); + + /* Hash it. */ +- retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data, +- &hash); ++ if (kr_use_fips(ctx)) { ++ /* This checksum does very little security-wise anyway, so don't ++ * taint. */ ++ hash.contents = calloc(1, AUTH_FIELD_SIZE); ++ } else { ++ retval = krb5_c_make_checksum(ctx, CKSUMTYPE_RSA_MD5, NULL, 0, &data, ++ &hash); ++ } + free(data.data); + if (retval != 0) + return retval; +@@ -276,7 +276,7 @@ krad_packet_new_request(krb5_context ctx, const char *secret, krad_code code, + + /* Encode the attributes. */ + retval = kr_attrset_encode(set, secret, pkt_auth(pkt), pkt_attr(pkt), +- &attrset_len); ++ &attrset_len, &pkt->is_fips); + if (retval != 0) + goto error; + +@@ -314,7 +314,7 @@ krad_packet_new_response(krb5_context ctx, const char *secret, krad_code code, + + /* Encode the attributes. */ + retval = kr_attrset_encode(set, secret, pkt_auth(request), pkt_attr(pkt), +- &attrset_len); ++ &attrset_len, &pkt->is_fips); + if (retval != 0) + goto error; + +@@ -451,6 +451,8 @@ krad_packet_decode_response(krb5_context ctx, const char *secret, + const krb5_data * + krad_packet_encode(const krad_packet *pkt) + { ++ if (pkt->is_fips) ++ return NULL; + return &pkt->pkt; + } + +diff --git a/src/lib/krad/remote.c b/src/lib/krad/remote.c +index c96a9b4ee..eca432424 100644 +--- a/src/lib/krad/remote.c ++++ b/src/lib/krad/remote.c +@@ -263,7 +263,7 @@ on_io_write(krad_remote *rr) + request *r; + + K5_TAILQ_FOREACH(r, &rr->list, list) { +- tmp = krad_packet_encode(r->request); ++ tmp = &r->request->pkt; + + /* If the packet has already been sent, do nothing. */ + if (r->sent == tmp->length) +@@ -359,7 +359,7 @@ on_io_read(krad_remote *rr) + if (req != NULL) { + K5_TAILQ_FOREACH(r, &rr->list, list) { + if (r->request == req && +- r->sent == krad_packet_encode(req)->length) { ++ r->sent == req->pkt.length) { + request_finish(r, 0, rsp); + break; + } +@@ -455,6 +455,12 @@ kr_remote_send(krad_remote *rr, krad_code code, krad_attrset *attrs, + (krad_packet_iter_cb)iterator, &r, &tmp); + if (retval != 0) + goto error; ++ else if (tmp->is_fips && rr->info->ai_family != AF_LOCAL && ++ rr->info->ai_family != AF_UNIX) { ++ /* This would expose cleartext passwords, so abort. */ ++ retval = ESOCKTNOSUPPORT; ++ goto error; ++ } + + K5_TAILQ_FOREACH(r, &rr->list, list) { + if (r->request == tmp) { +diff --git a/src/lib/krad/t_attr.c b/src/lib/krad/t_attr.c +index eb2a780c8..4d285ad9d 100644 +--- a/src/lib/krad/t_attr.c ++++ b/src/lib/krad/t_attr.c +@@ -50,6 +50,7 @@ main() + const char *tmp; + krb5_data in; + size_t len; ++ krb5_boolean is_fips = FALSE; + + noerror(krb5_init_context(&ctx)); + +@@ -73,7 +74,7 @@ main() + in = string2data((char *)decoded); + retval = kr_attr_encode(ctx, secret, auth, + krad_attr_name2num("User-Password"), +- &in, outbuf, &len); ++ &in, outbuf, &len, &is_fips); + insist(retval == 0); + insist(len == sizeof(encoded)); + insist(memcmp(outbuf, encoded, len) == 0); +diff --git a/src/lib/krad/t_attrset.c b/src/lib/krad/t_attrset.c +index 7928335ca..0f9576253 100644 +--- a/src/lib/krad/t_attrset.c ++++ b/src/lib/krad/t_attrset.c +@@ -49,6 +49,7 @@ main() + krb5_context ctx; + size_t len = 0, encode_len; + krb5_data tmp; ++ krb5_boolean is_fips = FALSE; + + noerror(krb5_init_context(&ctx)); + noerror(krad_attrset_new(ctx, &set)); +@@ -62,7 +63,8 @@ main() + noerror(krad_attrset_add(set, krad_attr_name2num("User-Password"), &tmp)); + + /* Encode attrset. */ +- noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len)); ++ noerror(kr_attrset_encode(set, "foo", auth, buffer, &encode_len, ++ &is_fips)); + krad_attrset_free(set); + + /* Manually encode User-Name. */ +diff --git a/src/plugins/preauth/spake/spake_client.c b/src/plugins/preauth/spake/spake_client.c +index 00734a13b..a3ce22b70 100644 +--- a/src/plugins/preauth/spake/spake_client.c ++++ b/src/plugins/preauth/spake/spake_client.c +@@ -38,6 +38,8 @@ + #include "groups.h" + #include + ++#include ++ + typedef struct reqstate_st { + krb5_pa_spake *msg; /* set in prep_questions, used in process */ + krb5_keyblock *initial_key; +@@ -375,6 +377,10 @@ clpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver, + + if (maj_ver != 1) + return KRB5_PLUGIN_VER_NOTSUPP; ++ ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + vt = (krb5_clpreauth_vtable)vtable; + vt->name = "spake"; + vt->pa_type_list = pa_types; +diff --git a/src/plugins/preauth/spake/spake_kdc.c b/src/plugins/preauth/spake/spake_kdc.c +index 88c964ce1..c7df0392f 100644 +--- a/src/plugins/preauth/spake/spake_kdc.c ++++ b/src/plugins/preauth/spake/spake_kdc.c +@@ -41,6 +41,8 @@ + + #include + ++#include ++ + /* + * The SPAKE kdcpreauth module uses a secure cookie containing the following + * concatenated fields (all integer fields are big-endian): +@@ -571,6 +573,10 @@ kdcpreauth_spake_initvt(krb5_context context, int maj_ver, int min_ver, + + if (maj_ver != 1) + return KRB5_PLUGIN_VER_NOTSUPP; ++ ++ if (FIPS_mode()) ++ return KRB5_CRYPTO_INTERNAL; ++ + vt = (krb5_kdcpreauth_vtable)vtable; + vt->name = "spake"; + vt->pa_type_list = pa_types; diff --git a/SOURCES/downstream-Remove-3des-support.patch b/SOURCES/downstream-Remove-3des-support.patch new file mode 100644 index 0000000..2bc2479 --- /dev/null +++ b/SOURCES/downstream-Remove-3des-support.patch @@ -0,0 +1,6453 @@ +From fef4e551d3d2dcb55e58cc182304254c36aa8949 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 26 Mar 2019 18:51:10 -0400 +Subject: [PATCH] [downstream] Remove 3des support + +Completely remove support for all DES3 enctypes (des3-cbc-raw, +des3-hmac-sha1, des3-cbc-sha1-kd). Update all tests and documentation +to user other enctypes. Mark the 3DES enctypes UNSUPPORTED and retain +their constants. + +Last-updated: 1.19-beta1 +--- + doc/admin/advanced/retiring-des.rst | 11 + + doc/admin/conf_files/kdc_conf.rst | 7 +- + doc/admin/enctypes.rst | 10 +- + doc/admin/troubleshoot.rst | 9 +- + doc/appdev/refs/macros/index.rst | 1 - + doc/conf.py | 2 +- + doc/mitK5features.rst | 2 +- + src/Makefile.in | 4 +- + src/configure.ac | 1 - + src/include/krb5/krb5.hin | 10 +- + src/kadmin/testing/proto/kdc.conf.proto | 4 +- + src/kdc/kdc_util.c | 4 - + src/lib/crypto/Makefile.in | 8 +- + src/lib/crypto/builtin/Makefile.in | 6 +- + src/lib/crypto/builtin/des/ISSUES | 13 - + src/lib/crypto/builtin/des/Makefile.in | 80 ---- + src/lib/crypto/builtin/des/d3_aead.c | 133 ------ + src/lib/crypto/builtin/des/d3_kysched.c | 51 --- + src/lib/crypto/builtin/des/deps | 150 ------- + src/lib/crypto/builtin/des/des_int.h | 285 ------------- + src/lib/crypto/builtin/des/des_keys.c | 40 -- + src/lib/crypto/builtin/des/destest.c | 240 ----------- + src/lib/crypto/builtin/des/doc/libdes.doc | 208 --------- + src/lib/crypto/builtin/des/f_aead.c | 173 -------- + src/lib/crypto/builtin/des/f_cbc.c | 256 ------------ + src/lib/crypto/builtin/des/f_cksum.c | 136 ------ + src/lib/crypto/builtin/des/f_parity.c | 56 --- + src/lib/crypto/builtin/des/f_sched.c | 359 ---------------- + src/lib/crypto/builtin/des/f_tables.c | 370 ---------------- + src/lib/crypto/builtin/des/f_tables.h | 285 ------------- + src/lib/crypto/builtin/des/key_sched.c | 62 --- + src/lib/crypto/builtin/des/keytest.data | 171 -------- + src/lib/crypto/builtin/des/t_verify.c | 395 ------------------ + src/lib/crypto/builtin/des/weak_key.c | 86 ---- + .../crypto/builtin/enc_provider/Makefile.in | 6 +- + src/lib/crypto/builtin/enc_provider/deps | 13 - + src/lib/crypto/builtin/enc_provider/des3.c | 105 ----- + src/lib/crypto/crypto_tests/t_cf2.expected | 1 - + src/lib/crypto/crypto_tests/t_cf2.in | 5 - + src/lib/crypto/crypto_tests/t_cksums.c | 10 - + src/lib/crypto/crypto_tests/t_decrypt.c | 57 --- + src/lib/crypto/crypto_tests/t_derive.c | 36 -- + src/lib/crypto/crypto_tests/t_encrypt.c | 1 - + src/lib/crypto/crypto_tests/t_short.c | 1 - + src/lib/crypto/crypto_tests/t_str2key.c | 52 --- + src/lib/crypto/krb/Makefile.in | 3 - + src/lib/crypto/krb/cksumtypes.c | 6 - + src/lib/crypto/krb/crypto_int.h | 16 - + src/lib/crypto/krb/default_state.c | 10 - + src/lib/crypto/krb/enctype_util.c | 3 + + src/lib/crypto/krb/etypes.c | 21 - + src/lib/crypto/krb/prf_des.c | 47 --- + src/lib/crypto/krb/random_to_key.c | 45 -- + src/lib/crypto/libk5crypto.exports | 1 - + src/lib/crypto/openssl/Makefile.in | 8 +- + src/lib/crypto/openssl/des/Makefile.in | 20 - + src/lib/crypto/openssl/des/deps | 15 - + src/lib/crypto/openssl/des/des_keys.c | 40 -- + .../crypto/openssl/enc_provider/Makefile.in | 3 - + src/lib/crypto/openssl/enc_provider/deps | 11 - + src/lib/crypto/openssl/enc_provider/des3.c | 184 -------- + src/lib/gssapi/krb5/accept_sec_context.c | 1 - + src/lib/gssapi/krb5/gssapiP_krb5.h | 6 +- + src/lib/gssapi/krb5/k5seal.c | 35 +- + src/lib/gssapi/krb5/k5sealiov.c | 27 +- + src/lib/gssapi/krb5/k5unseal.c | 102 ++--- + src/lib/gssapi/krb5/k5unsealiov.c | 38 +- + src/lib/gssapi/krb5/util_crypt.c | 11 - + .../api.current/chpass-principal-v2.exp | 4 +- + .../api.current/get-principal-v2.exp | 4 +- + .../api.current/randkey-principal-v2.exp | 4 +- + src/lib/krb5/krb/init_ctx.c | 3 - + src/lib/krb5/krb/s4u_creds.c | 2 - + src/lib/krb5/krb/t_etypes.c | 48 +-- + src/lib/krb5/os/t_trace.c | 4 +- + src/lib/krb5/os/t_trace.ref | 2 +- + src/plugins/preauth/pkinit/pkcs11.h | 6 +- + src/plugins/preauth/pkinit/pkinit_clnt.c | 8 - + src/plugins/preauth/pkinit/pkinit_crypto.h | 12 - + .../preauth/pkinit/pkinit_crypto_openssl.c | 38 -- + src/plugins/preauth/pkinit/pkinit_kdf_test.c | 31 -- + src/plugins/preauth/spake/t_vectors.c | 25 -- + src/tests/dejagnu/config/default.exp | 78 ---- + src/tests/dejagnu/krb-standalone/kprop.exp | 2 +- + src/tests/gssapi/t_enctypes.py | 33 +- + src/tests/gssapi/t_invalid.c | 12 - + src/tests/gssapi/t_pcontok.c | 16 +- + src/tests/gssapi/t_prf.c | 7 - + src/tests/t_authdata.py | 2 +- + src/tests/t_etype_info.py | 18 +- + src/tests/t_keyrollover.py | 8 +- + src/tests/t_mkey.py | 35 -- + src/tests/t_salt.py | 5 +- + src/util/k5test.py | 7 - + .../leash/htmlhelp/html/Encryption_Types.htm | 13 - + 95 files changed, 160 insertions(+), 4835 deletions(-) + delete mode 100644 src/lib/crypto/builtin/des/ISSUES + delete mode 100644 src/lib/crypto/builtin/des/Makefile.in + delete mode 100644 src/lib/crypto/builtin/des/d3_aead.c + delete mode 100644 src/lib/crypto/builtin/des/d3_kysched.c + delete mode 100644 src/lib/crypto/builtin/des/deps + delete mode 100644 src/lib/crypto/builtin/des/des_int.h + delete mode 100644 src/lib/crypto/builtin/des/des_keys.c + delete mode 100644 src/lib/crypto/builtin/des/destest.c + delete mode 100644 src/lib/crypto/builtin/des/doc/libdes.doc + delete mode 100644 src/lib/crypto/builtin/des/f_aead.c + delete mode 100644 src/lib/crypto/builtin/des/f_cbc.c + delete mode 100644 src/lib/crypto/builtin/des/f_cksum.c + delete mode 100644 src/lib/crypto/builtin/des/f_parity.c + delete mode 100644 src/lib/crypto/builtin/des/f_sched.c + delete mode 100644 src/lib/crypto/builtin/des/f_tables.c + delete mode 100644 src/lib/crypto/builtin/des/f_tables.h + delete mode 100644 src/lib/crypto/builtin/des/key_sched.c + delete mode 100644 src/lib/crypto/builtin/des/keytest.data + delete mode 100644 src/lib/crypto/builtin/des/t_verify.c + delete mode 100644 src/lib/crypto/builtin/des/weak_key.c + delete mode 100644 src/lib/crypto/builtin/enc_provider/des3.c + delete mode 100644 src/lib/crypto/krb/prf_des.c + delete mode 100644 src/lib/crypto/openssl/des/Makefile.in + delete mode 100644 src/lib/crypto/openssl/des/deps + delete mode 100644 src/lib/crypto/openssl/des/des_keys.c + delete mode 100644 src/lib/crypto/openssl/enc_provider/des3.c + +diff --git a/doc/admin/advanced/retiring-des.rst b/doc/admin/advanced/retiring-des.rst +index 38f76d3f4..d5e3c30c0 100644 +--- a/doc/admin/advanced/retiring-des.rst ++++ b/doc/admin/advanced/retiring-des.rst +@@ -10,6 +10,13 @@ ability have rendered DES vulnerable to brute force attacks on its 56-bit + keyspace. As such, it is now considered insecure and should not be + used (:rfc:`6649`). + ++In 1999, MIT krb5 added support for Triple-DES (3DES) encryption types. ++However, due to weakenings of DES and other security concerns, it is now also ++considered insecure and should not be used (:rfc:`8429`). AES encryption ++types were added to MIT in 2003, meaning that the number of deployments with ++3DES as the strongest encryption type is hopefully small. The rotation ++procedure described herein works for both DES and 3DES. ++ + History + ------- + +@@ -27,6 +34,10 @@ and removed DES (single-DES) support in release 1.18. As a + consequence, a release prior to 1.18 is required to perform these + migrations. + ++3DES (a flagged deprecated encryption type) was also removed downstream by ++rharwood@redhat.com starting in 1.18; likewise, a pre-1.18 release is required ++to perform these migrations. ++ + Types of keys + ------------- + +diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst +index 1dc958d62..3a72aabef 100644 +--- a/doc/admin/conf_files/kdc_conf.rst ++++ b/doc/admin/conf_files/kdc_conf.rst +@@ -848,8 +848,6 @@ Encryption types marked as "weak" and "deprecated" are available for + compatibility but not recommended for use. + + ==================================================== ========================================================= +-des3-cbc-raw Triple DES cbc mode raw (weak) +-des3-cbc-sha1 des3-hmac-sha1 des3-cbc-sha1-kd Triple DES cbc mode with HMAC/sha1 (deprecated) + aes256-cts-hmac-sha1-96 aes256-cts aes256-sha1 AES-256 CTS mode with 96-bit SHA-1 HMAC + aes128-cts-hmac-sha1-96 aes128-cts aes128-sha1 AES-128 CTS mode with 96-bit SHA-1 HMAC + aes256-cts-hmac-sha384-192 aes256-sha2 AES-256 CTS mode with 192-bit SHA-384 HMAC +@@ -858,7 +856,6 @@ arcfour-hmac rc4-hmac arcfour-hmac-md5 RC4 with HMAC/MD5 (deprecat + arcfour-hmac-exp rc4-hmac-exp arcfour-hmac-md5-exp Exportable RC4 with HMAC/MD5 (weak) + camellia256-cts-cmac camellia256-cts Camellia-256 CTS mode with CMAC + camellia128-cts-cmac camellia128-cts Camellia-128 CTS mode with CMAC +-des3 The triple DES family: des3-cbc-sha1 + aes The AES family: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, aes256-cts-hmac-sha384-192, and aes128-cts-hmac-sha256-128 + rc4 The RC4 family: arcfour-hmac + camellia The Camellia family: camellia256-cts-cmac and camellia128-cts-cmac +@@ -870,8 +867,8 @@ from the current list by prefixing them with a minus sign ("-"). + Types or families can be prefixed with a plus sign ("+") for symmetry; + it has the same meaning as just listing the type or family. For + example, "``DEFAULT -rc4``" would be the default set of encryption +-types with RC4 types removed, and "``des3 DEFAULT``" would be the +-default set of encryption types with triple DES types moved to the ++types with RC4 types removed, and "``aes128-sha2 DEFAULT``" would be ++the default set of encryption types with aes128-sha2 moved to the + front. + + While **aes128-cts** and **aes256-cts** are supported for all Kerberos +diff --git a/doc/admin/enctypes.rst b/doc/admin/enctypes.rst +index 047185afb..b08d954d9 100644 +--- a/doc/admin/enctypes.rst ++++ b/doc/admin/enctypes.rst +@@ -129,7 +129,7 @@ enctype weak? krb5 Windows + des-cbc-crc weak <1.18 >=2000 + des-cbc-md4 weak <1.18 ? + des-cbc-md5 weak <1.18 >=2000 +-des3-cbc-sha1 deprecated >=1.1 none ++des3-cbc-sha1 deprecated <1.18 none + arcfour-hmac deprecated >=1.3 >=2000 + arcfour-hmac-exp weak >=1.3 >=2000 + aes128-cts-hmac-sha1-96 >=1.3 >=Vista +@@ -148,9 +148,11 @@ default. + krb5 releases 1.17 and later flag deprecated encryption types + (including ``des3-cbc-sha1`` and ``arcfour-hmac``) in KDC logs and + kadmin output. krb5 release 1.19 issues a warning during initial +-authentication if ``des3-cbc-sha1`` is used. Future releases will +-disable ``des3-cbc-sha1`` by default and eventually remove support for +-it. ++authentication if ``des3-cbc-sha1`` is used. ++ ++krb5 releases 1.18 and later remove single-DES and 3DES ++(downstream-only patch) enctype support. Microsoft Windows never ++supported 3DES. + + + Migrating away from older encryption types +diff --git a/doc/admin/troubleshoot.rst b/doc/admin/troubleshoot.rst +index ade5e1f87..e4dc54f7e 100644 +--- a/doc/admin/troubleshoot.rst ++++ b/doc/admin/troubleshoot.rst +@@ -73,11 +73,10 @@ credential verification failed: KDC has no support for encryption type + ...................................................................... + + This most commonly happens when trying to use a principal with only +-DES keys, in a release (MIT krb5 1.7 or later) which disables DES by +-default. DES encryption is considered weak due to its inadequate key +-size. If you cannot migrate away from its use, you can re-enable DES +-by adding ``allow_weak_crypto = true`` to the :ref:`libdefaults` +-section of :ref:`krb5.conf(5)`. ++DES/3DES keys, in a release (MIT krb5 1.7 or later) which disables DES ++by default. DES encryption is considered weak due to its inadequate ++key size and has been removed upstream; 3DES is not recommended, and ++has been removed downstream by rharwood@redhat.com. + + + .. _err_cert_chain_cert_expired: +diff --git a/doc/appdev/refs/macros/index.rst b/doc/appdev/refs/macros/index.rst +index cebb6644c..4d51e795c 100644 +--- a/doc/appdev/refs/macros/index.rst ++++ b/doc/appdev/refs/macros/index.rst +@@ -36,7 +36,6 @@ Public + CKSUMTYPE_HMAC_SHA1_96_AES256.rst + CKSUMTYPE_HMAC_SHA256_128_AES128.rst + CKSUMTYPE_HMAC_SHA384_192_AES256.rst +- CKSUMTYPE_HMAC_SHA1_DES3.rst + CKSUMTYPE_MD5_HMAC_ARCFOUR.rst + CKSUMTYPE_NIST_SHA.rst + CKSUMTYPE_RSA_MD4.rst +diff --git a/doc/conf.py b/doc/conf.py +index 543202bf4..4fb6aae14 100644 +--- a/doc/conf.py ++++ b/doc/conf.py +@@ -271,7 +271,7 @@ else: + rst_epilog += ''' + .. |krb5conf| replace:: ``/etc/krb5.conf`` + .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal`` +-.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 des3-cbc-sha1 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac`` ++.. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 aes256-cts-hmac-sha384-192 aes128-cts-hmac-sha256-128 arcfour-hmac-md5 camellia256-cts-cmac camellia128-cts-cmac`` + .. |defmkey| replace:: ``aes256-cts-hmac-sha1-96`` + .. |copy| unicode:: U+000A9 + ''' +diff --git a/doc/mitK5features.rst b/doc/mitK5features.rst +index 4954bb3aa..92ce2a772 100644 +--- a/doc/mitK5features.rst ++++ b/doc/mitK5features.rst +@@ -37,7 +37,7 @@ Database backends: LDAP, DB2, LMDB + + krb4 support: Kerberos 5 release < 1.8 + +-DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`) ++DES/3DES support: Kerberos 5 release < 1.18 (See :ref:`retiring-des`) + + Interoperability + ---------------- +diff --git a/src/Makefile.in b/src/Makefile.in +index 7d2507ef8..c16715ac7 100644 +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -130,7 +130,7 @@ WINMAKEFILES=Makefile \ + lib\Makefile lib\crypto\Makefile lib\crypto\krb\Makefile \ + lib\crypto\builtin\Makefile lib\crypto\builtin\aes\Makefile \ + lib\crypto\builtin\enc_provider\Makefile \ +- lib\crypto\builtin\des\Makefile lib\crypto\builtin\md5\Makefile \ ++ lib\crypto\builtin\md5\Makefile \ + lib\crypto\builtin\camellia\Makefile lib\crypto\builtin\md4\Makefile \ + lib\crypto\builtin\hash_provider\Makefile \ + lib\crypto\builtin\sha2\Makefile lib\crypto\builtin\sha1\Makefile \ +@@ -202,8 +202,6 @@ WINMAKEFILES=Makefile \ + ##DOS## $(WCONFIG) config < $@.in > $@ + ##DOS##lib\crypto\builtin\enc_provider\Makefile: lib\crypto\builtin\enc_provider\Makefile.in $(MKFDEP) + ##DOS## $(WCONFIG) config < $@.in > $@ +-##DOS##lib\crypto\builtin\des\Makefile: lib\crypto\builtin\des\Makefile.in $(MKFDEP) +-##DOS## $(WCONFIG) config < $@.in > $@ + ##DOS##lib\crypto\builtin\md5\Makefile: lib\crypto\builtin\md5\Makefile.in $(MKFDEP) + ##DOS## $(WCONFIG) config < $@.in > $@ + ##DOS##lib\crypto\builtin\camellia\Makefile: lib\crypto\builtin\camellia\Makefile.in $(MKFDEP) +diff --git a/src/configure.ac b/src/configure.ac +index dd2cad3ee..3e1052db7 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -1480,7 +1480,6 @@ V5_AC_OUTPUT_MAKEFILE(. + lib/crypto lib/crypto/krb lib/crypto/$CRYPTO_IMPL + lib/crypto/$CRYPTO_IMPL/enc_provider + lib/crypto/$CRYPTO_IMPL/hash_provider +- lib/crypto/$CRYPTO_IMPL/des + lib/crypto/$CRYPTO_IMPL/md4 lib/crypto/$CRYPTO_IMPL/md5 + lib/crypto/$CRYPTO_IMPL/sha1 lib/crypto/$CRYPTO_IMPL/sha2 + lib/crypto/$CRYPTO_IMPL/aes lib/crypto/$CRYPTO_IMPL/camellia +diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin +index db80063eb..63e67a2ba 100644 +--- a/src/include/krb5/krb5.hin ++++ b/src/include/krb5/krb5.hin +@@ -426,8 +426,8 @@ typedef struct _krb5_crypto_iov { + #define ENCTYPE_DES_CBC_MD4 0x0002 /**< @deprecated no longer supported */ + #define ENCTYPE_DES_CBC_MD5 0x0003 /**< @deprecated no longer supported */ + #define ENCTYPE_DES_CBC_RAW 0x0004 /**< @deprecated no longer supported */ +-#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated DES-3 cbc with SHA1 */ +-#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated DES-3 cbc mode raw */ ++#define ENCTYPE_DES3_CBC_SHA 0x0005 /**< @deprecated no longer supported */ ++#define ENCTYPE_DES3_CBC_RAW 0x0006 /**< @deprecated no longer supported */ + #define ENCTYPE_DES_HMAC_SHA1 0x0008 /**< @deprecated no longer supported */ + /* PKINIT */ + #define ENCTYPE_DSA_SHA1_CMS 0x0009 /**< DSA with SHA1, CMS signature */ +@@ -436,9 +436,9 @@ typedef struct _krb5_crypto_iov { + #define ENCTYPE_RC2_CBC_ENV 0x000c /**< RC2 cbc mode, CMS enveloped data */ + #define ENCTYPE_RSA_ENV 0x000d /**< RSA encryption, CMS enveloped data */ + #define ENCTYPE_RSA_ES_OAEP_ENV 0x000e /**< RSA w/OEAP encryption, CMS enveloped data */ +-#define ENCTYPE_DES3_CBC_ENV 0x000f /**< DES-3 cbc mode, CMS enveloped data */ ++#define ENCTYPE_DES3_CBC_ENV 0x000f /**< @deprecated no longer supported */ + +-#define ENCTYPE_DES3_CBC_SHA1 0x0010 ++#define ENCTYPE_DES3_CBC_SHA1 0x0010 /**< @deprecated removed */ + #define ENCTYPE_AES128_CTS_HMAC_SHA1_96 0x0011 /**< RFC 3962 */ + #define ENCTYPE_AES256_CTS_HMAC_SHA1_96 0x0012 /**< RFC 3962 */ + #define ENCTYPE_AES128_CTS_HMAC_SHA256_128 0x0013 /**< RFC 8009 */ +@@ -458,7 +458,7 @@ typedef struct _krb5_crypto_iov { + #define CKSUMTYPE_RSA_MD5 0x0007 + #define CKSUMTYPE_RSA_MD5_DES 0x0008 + #define CKSUMTYPE_NIST_SHA 0x0009 +-#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c ++#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c /* @deprecated removed */ + #define CKSUMTYPE_HMAC_SHA1_96_AES128 0x000f /**< RFC 3962. Used with + ENCTYPE_AES128_CTS_HMAC_SHA1_96 */ + #define CKSUMTYPE_HMAC_SHA1_96_AES256 0x0010 /**< RFC 3962. Used with +diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto +index 8a4b87de1..d7f1d076b 100644 +--- a/src/kadmin/testing/proto/kdc.conf.proto ++++ b/src/kadmin/testing/proto/kdc.conf.proto +@@ -11,6 +11,6 @@ + dict_file = __K5ROOT__/ovsec_adm.dict + kadmind_port = 1751 + kpasswd_port = 1752 +- master_key_type = des3-hmac-sha1 +- supported_enctypes = des3-hmac-sha1:normal aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal ++ master_key_type = aes256-cts ++ supported_enctypes = aes256-cts:normal aes128-cts:normal aes256-sha2:normal aes128-sha2:normal + } +diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c +index 60f30c4f4..c65375aef 100644 +--- a/src/kdc/kdc_util.c ++++ b/src/kdc/kdc_util.c +@@ -1017,8 +1017,6 @@ enctype_name(krb5_enctype ktype, char *buf, size_t buflen) + name = "rsaEncryption-EnvOID"; + else if (ktype == ENCTYPE_RSA_ES_OAEP_ENV) + name = "id-RSAES-OAEP-EnvOID"; +- else if (ktype == ENCTYPE_DES3_CBC_ENV) +- name = "des-ede3-cbc-EnvOID"; + else + return krb5_enctype_to_name(ktype, FALSE, buf, buflen); + +@@ -1605,8 +1603,6 @@ krb5_boolean + enctype_requires_etype_info_2(krb5_enctype enctype) + { + switch(enctype) { +- case ENCTYPE_DES3_CBC_SHA1: +- case ENCTYPE_DES3_CBC_RAW: + case ENCTYPE_ARCFOUR_HMAC: + case ENCTYPE_ARCFOUR_HMAC_EXP : + return 0; +diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in +index c3fcfd7e8..890d54adf 100644 +--- a/src/lib/crypto/Makefile.in ++++ b/src/lib/crypto/Makefile.in +@@ -13,7 +13,7 @@ STOBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \ + $(CRYPTO_IMPL)/hash_provider/OBJS.ST \ + $(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \ + $(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \ +- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \ ++ $(CRYPTO_IMPL)/aes/OBJS.ST \ + $(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \ + $(CRYPTO_IMPL)/OBJS.ST + +@@ -21,7 +21,7 @@ SUBDIROBJLISTS=$(CRYPTO_IMPL)/enc_provider/OBJS.ST \ + $(CRYPTO_IMPL)/hash_provider/OBJS.ST \ + $(CRYPTO_IMPL)/md4/OBJS.ST $(CRYPTO_IMPL)/md5/OBJS.ST \ + $(CRYPTO_IMPL)/sha1/OBJS.ST $(CRYPTO_IMPL)/sha2/OBJS.ST \ +- $(CRYPTO_IMPL)/aes/OBJS.ST $(CRYPTO_IMPL)/des/OBJS.ST \ ++ $(CRYPTO_IMPL)/aes/OBJS.ST \ + $(CRYPTO_IMPL)/camellia/OBJS.ST krb/OBJS.ST \ + $(CRYPTO_IMPL)/OBJS.ST + +@@ -34,8 +34,8 @@ SHLIB_EXPDEPLIBS= $(SUPPORT_DEPLIB) + SHLIB_LDFLAGS= $(LDFLAGS) @SHLIB_RPATH_DIRS@ + + ##DOS##LIBNAME=$(OUTPRE)crypto.lib +-##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)des.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst +-##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)des.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst ++##DOS##OBJFILEDEP=$(OUTPRE)krb.lst $(OUTPRE)aes.lst $(OUTPRE)enc_provider.lst $(OUTPRE)md5.lst $(OUTPRE)camellia.lst $(OUTPRE)md4.lst $(OUTPRE)hash_provider.lst $(OUTPRE)sha2.lst $(OUTPRE)sha1.lst $(OUTPRE)builtin.lst ++##DOS##OBJFILELIST=@$(OUTPRE)krb.lst @$(OUTPRE)aes.lst @$(OUTPRE)enc_provider.lst @$(OUTPRE)md5.lst @$(OUTPRE)camellia.lst @$(OUTPRE)md4.lst @$(OUTPRE)hash_provider.lst @$(OUTPRE)sha2.lst @$(OUTPRE)sha1.lst @$(OUTPRE)builtin.lst + + all-unix: all-liblinks + install-unix: install-libs +diff --git a/src/lib/crypto/builtin/Makefile.in b/src/lib/crypto/builtin/Makefile.in +index baf5d974f..82adf1dec 100644 +--- a/src/lib/crypto/builtin/Makefile.in ++++ b/src/lib/crypto/builtin/Makefile.in +@@ -1,6 +1,6 @@ + mydir=lib$(S)crypto$(S)builtin + BUILDTOP=$(REL)..$(S)..$(S).. +-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider ++SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider + LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) + + ##DOS##BUILDTOP = ..\..\.. +@@ -22,7 +22,7 @@ SRCS=\ + $(srcdir)/init.c \ + $(srcdir)/pbkdf2.c + +-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ ++STOBJLISTS= md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ +@@ -30,7 +30,7 @@ STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ + camellia/OBJS.ST \ + OBJS.ST + +-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ ++SUBDIROBJLISTS= md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ +diff --git a/src/lib/crypto/builtin/des/ISSUES b/src/lib/crypto/builtin/des/ISSUES +deleted file mode 100644 +index 157891103..000000000 +--- a/src/lib/crypto/builtin/des/ISSUES ++++ /dev/null +@@ -1,13 +0,0 @@ +-Issues to be addressed for src/lib/crypto/des: -*- text -*- +- +- +-"const" could be used in more places +- +- +-Array types are used in calling interfaces. Under ANSI C, a value of +-type "arraytype *" cannot be assigned to a variable of type "const +-arraytype *", so we get compilation warnings. +- +-Possible fix: Rewrite internal interfaces to not use arrays this way. +-Provide external routines compatible with old API, but not using +-const? +diff --git a/src/lib/crypto/builtin/des/Makefile.in b/src/lib/crypto/builtin/des/Makefile.in +deleted file mode 100644 +index 54b329d0f..000000000 +--- a/src/lib/crypto/builtin/des/Makefile.in ++++ /dev/null +@@ -1,80 +0,0 @@ +-mydir=lib$(S)crypto$(S)builtin$(S)des +-BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +-LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir)/../../krb +- +-##DOS##BUILDTOP = ..\..\..\.. +-##DOS##PREFIXDIR = builtin\des +-##DOS##OBJFILE = ..\..\$(OUTPRE)des.lst +- +-STLIBOBJS=\ +- d3_aead.o \ +- d3_kysched.o \ +- des_keys.o \ +- f_aead.o \ +- f_cksum.o \ +- f_parity.o \ +- f_sched.o \ +- f_tables.o \ +- key_sched.o \ +- weak_key.o +- +-OBJS= $(OUTPRE)d3_aead.$(OBJEXT) \ +- $(OUTPRE)d3_kysched.$(OBJEXT) \ +- $(OUTPRE)des_keys.$(OBJEXT) \ +- $(OUTPRE)f_aead.$(OBJEXT) \ +- $(OUTPRE)f_cksum.$(OBJEXT) \ +- $(OUTPRE)f_parity.$(OBJEXT) \ +- $(OUTPRE)f_sched.$(OBJEXT) \ +- $(OUTPRE)f_tables.$(OBJEXT) \ +- $(OUTPRE)key_sched.$(OBJEXT) \ +- $(OUTPRE)weak_key.$(OBJEXT) +- +-SRCS= $(srcdir)/d3_aead.c \ +- $(srcdir)/d3_kysched.c \ +- $(srcdir)/des_keys.c \ +- $(srcdir)/f_aead.c \ +- $(srcdir)/f_cksum.c \ +- $(srcdir)/f_parity.c \ +- $(srcdir)/f_sched.c \ +- $(srcdir)/f_tables.c \ +- $(srcdir)/key_sched.c \ +- $(srcdir)/weak_key.c +- +-EXTRADEPSRCS = $(srcdir)/destest.c $(srcdir)/f_cbc.c $(srcdir)/t_verify.c +- +-##DOS##LIBOBJS = $(OBJS) +- +-TOBJS = $(OUTPRE)key_sched.$(OBJEXT) $(OUTPRE)f_sched.$(OBJEXT) \ +- $(OUTPRE)f_cbc.$(OBJEXT) $(OUTPRE)f_tables.$(OBJEXT) \ +- $(OUTPRE)f_cksum.$(OBJEXT) +- +-verify$(EXEEXT): t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ +- $(COM_ERR_DEPLIB) $(SUPPORT_DEPLIB) +- $(CC_LINK) -o $@ t_verify.$(OBJEXT) $(TOBJS) f_parity.$(OBJEXT) \ +- $(COM_ERR_LIB) $(SUPPORT_LIB) +- +-destest$(EXEEXT): destest.$(OBJEXT) $(TOBJS) $(SUPPORT_DEPLIB) +- $(CC_LINK) -o $@ destest.$(OBJEXT) $(TOBJS) $(SUPPORT_LIB) +- +-all-unix: all-libobjs +- +-check-unix: verify destest +- $(RUN_TEST) ./verify -z +- $(RUN_TEST) ./verify -m +- $(RUN_TEST) ./verify +- $(RUN_TEST) ./destest < $(srcdir)/keytest.data +- +-includes: depend +- +-depend: $(SRCS) +- +-check-windows: +- +-clean: +- $(RM) destest.$(OBJEXT) destest$(EXEEXT) verify$(EXEEXT) \ +- t_verify.$(OBJEXT) $(TOBJS) +- +-clean-unix:: clean-libobjs +- +-@libobj_frag@ +- +diff --git a/src/lib/crypto/builtin/des/d3_aead.c b/src/lib/crypto/builtin/des/d3_aead.c +deleted file mode 100644 +index bddf75a47..000000000 +--- a/src/lib/crypto/builtin/des/d3_aead.c ++++ /dev/null +@@ -1,133 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 2008 by the Massachusetts Institute of Technology. +- * Copyright 1995 by Richard P. Basch. All Rights Reserved. +- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used +- * in advertising or publicity pertaining to distribution of the software +- * without specific, written prior permission. Richard P. Basch, +- * Lehman Brothers and M.I.T. make no representations about the suitability +- * of this software for any purpose. It is provided "as is" without +- * express or implied warranty. +- */ +- +-#include "crypto_int.h" +-#include "des_int.h" +-#include "f_tables.h" +- +-void +-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule ks1, +- const mit_des_key_schedule ks2, +- const mit_des_key_schedule ks3, +- mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp1, *kp2, *kp3; +- const unsigned char *ip; +- struct iov_cursor cursor; +- unsigned char block[MIT_DES_BLOCK_LENGTH]; +- +- /* Get key pointers here. These won't need to be reinitialized. */ +- kp1 = (const unsigned DES_INT32 *)ks1; +- kp2 = (const unsigned DES_INT32 *)ks2; +- kp3 = (const unsigned DES_INT32 *)ks3; +- +- /* Initialize left and right with the contents of the initial vector. */ +- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; +- left = load_32_be(ip); +- right = load_32_be(ip + 4); +- +- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); +- while (k5_iov_cursor_get(&cursor, block)) { +- /* xor this block with the previous ciphertext. */ +- left ^= load_32_be(block); +- right ^= load_32_be(block + 4); +- +- /* Encrypt what we have and store it back into block. */ +- DES_DO_ENCRYPT(left, right, kp1); +- DES_DO_DECRYPT(left, right, kp2); +- DES_DO_ENCRYPT(left, right, kp3); +- store_32_be(left, block); +- store_32_be(right, block + 4); +- +- k5_iov_cursor_put(&cursor, block); +- } +- +- if (ivec != NULL) { +- store_32_be(left, ivec); +- store_32_be(right, ivec + 4); +- } +-} +- +-void +-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule ks1, +- const mit_des_key_schedule ks2, +- const mit_des_key_schedule ks3, +- mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp1, *kp2, *kp3; +- const unsigned char *ip; +- unsigned DES_INT32 ocipherl, ocipherr; +- unsigned DES_INT32 cipherl, cipherr; +- struct iov_cursor cursor; +- unsigned char block[MIT_DES_BLOCK_LENGTH]; +- +- /* Get key pointers here. These won't need to be reinitialized. */ +- kp1 = (const unsigned DES_INT32 *)ks1; +- kp2 = (const unsigned DES_INT32 *)ks2; +- kp3 = (const unsigned DES_INT32 *)ks3; +- +- /* +- * Decrypting is harder than encrypting because of +- * the necessity of remembering a lot more things. +- * Should think about this a little more... +- */ +- +- /* Prime the old cipher with ivec.*/ +- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; +- ocipherl = load_32_be(ip); +- ocipherr = load_32_be(ip + 4); +- +- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); +- while (k5_iov_cursor_get(&cursor, block)) { +- /* Split this block into left and right. */ +- cipherl = left = load_32_be(block); +- cipherr = right = load_32_be(block + 4); +- +- /* Decrypt and xor with the old cipher to get plain text. */ +- DES_DO_DECRYPT(left, right, kp3); +- DES_DO_ENCRYPT(left, right, kp2); +- DES_DO_DECRYPT(left, right, kp1); +- left ^= ocipherl; +- right ^= ocipherr; +- +- /* Store the encrypted halves back into block. */ +- store_32_be(left, block); +- store_32_be(right, block + 4); +- +- /* Save current cipher block halves. */ +- ocipherl = cipherl; +- ocipherr = cipherr; +- +- k5_iov_cursor_put(&cursor, block); +- } +- +- if (ivec != NULL) { +- store_32_be(ocipherl, ivec); +- store_32_be(ocipherr, ivec + 4); +- } +-} +diff --git a/src/lib/crypto/builtin/des/d3_kysched.c b/src/lib/crypto/builtin/des/d3_kysched.c +deleted file mode 100644 +index ebd1050b1..000000000 +--- a/src/lib/crypto/builtin/des/d3_kysched.c ++++ /dev/null +@@ -1,51 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright 1995 by Richard P. Basch. All Rights Reserved. +- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used +- * in advertising or publicity pertaining to distribution of the software +- * without specific, written prior permission. Richard P. Basch, +- * Lehman Brothers and M.I.T. make no representations about the suitability +- * of this software for any purpose. It is provided "as is" without +- * express or implied warranty. +- */ +- +-#include "k5-int.h" +-#include "des_int.h" +- +-int +-mit_des3_key_sched(mit_des3_cblock k, mit_des3_key_schedule schedule) +-{ +- mit_des_make_key_sched(k[0],schedule[0]); +- mit_des_make_key_sched(k[1],schedule[1]); +- mit_des_make_key_sched(k[2],schedule[2]); +- +- if (!mit_des_check_key_parity(k[0])) /* bad parity --> return -1 */ +- return(-1); +- if (mit_des_is_weak_key(k[0])) +- return(-2); +- +- if (!mit_des_check_key_parity(k[1])) +- return(-1); +- if (mit_des_is_weak_key(k[1])) +- return(-2); +- +- if (!mit_des_check_key_parity(k[2])) +- return(-1); +- if (mit_des_is_weak_key(k[2])) +- return(-2); +- +- /* if key was good, return 0 */ +- return 0; +-} +diff --git a/src/lib/crypto/builtin/des/deps b/src/lib/crypto/builtin/des/deps +deleted file mode 100644 +index a1db1f36e..000000000 +--- a/src/lib/crypto/builtin/des/deps ++++ /dev/null +@@ -1,150 +0,0 @@ +-# +-# Generated makefile dependencies follow. +-# +-d3_aead.so d3_aead.po $(OUTPRE)d3_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \ +- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- d3_aead.c des_int.h f_tables.h +-d3_kysched.so d3_kysched.po $(OUTPRE)d3_kysched.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- d3_kysched.c des_int.h +-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../aes/aes.h \ +- $(srcdir)/../aes/brg_types.h $(srcdir)/../crypto_mod.h \ +- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des_int.h des_keys.c +-f_aead.so f_aead.po $(OUTPRE)f_aead.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \ +- $(srcdir)/../crypto_mod.h $(srcdir)/../sha2/sha2.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h f_aead.c f_tables.h +-f_cksum.so f_cksum.po $(OUTPRE)f_cksum.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des_int.h f_cksum.c \ +- f_tables.h +-f_parity.so f_parity.po $(OUTPRE)f_parity.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h f_parity.c +-f_sched.so f_sched.po $(OUTPRE)f_sched.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des_int.h f_sched.c +-f_tables.so f_tables.po $(OUTPRE)f_tables.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h f_tables.c f_tables.h +-key_sched.so key_sched.po $(OUTPRE)key_sched.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h key_sched.c +-weak_key.so weak_key.po $(OUTPRE)weak_key.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h weak_key.c +-destest.so destest.po $(OUTPRE)destest.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des_int.h destest.c +-f_cbc.so f_cbc.po $(OUTPRE)f_cbc.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des_int.h f_cbc.c \ +- f_tables.h +-t_verify.so t_verify.po $(OUTPRE)t_verify.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_int.h t_verify.c +diff --git a/src/lib/crypto/builtin/des/des_int.h b/src/lib/crypto/builtin/des/des_int.h +deleted file mode 100644 +index f8dc6b296..000000000 +--- a/src/lib/crypto/builtin/des/des_int.h ++++ /dev/null +@@ -1,285 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/des_int.h */ +-/* +- * Copyright 1987, 1988, 1990, 2002 by the Massachusetts Institute of +- * Technology. All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-/* Private include file for the Data Encryption Standard library. */ +- +-/* only do the whole thing once */ +-#ifndef DES_INTERNAL_DEFS +-#define DES_INTERNAL_DEFS +- +-#include "k5-int.h" +-/* +- * Begin "mit-des.h" +- */ +-#ifndef KRB5_MIT_DES__ +-#define KRB5_MIT_DES__ +- +-#if defined(__MACH__) && defined(__APPLE__) +-#include +-#include +-#if TARGET_RT_MAC_CFM +-#error "Use KfM 4.0 SDK headers for CFM compilation." +-#endif +-#if defined(DEPRECATED_IN_MAC_OS_X_VERSION_10_5) && !defined(KRB5_SUPRESS_DEPRECATED_WARNINGS) +-#define KRB5INT_DES_DEPRECATED DEPRECATED_IN_MAC_OS_X_VERSION_10_5 +-#endif +-#endif /* defined(__MACH__) && defined(__APPLE__) */ +- +-/* Macro to add deprecated attribute to DES types and functions */ +-/* Currently only defined on macOS 10.5 and later. */ +-#ifndef KRB5INT_DES_DEPRECATED +-#define KRB5INT_DES_DEPRECATED +-#endif +- +-#include +- +-#if UINT_MAX >= 0xFFFFFFFFUL +-#define DES_INT32 int +-#define DES_UINT32 unsigned int +-#else +-#define DES_INT32 long +-#define DES_UINT32 unsigned long +-#endif +- +-typedef unsigned char des_cblock[8] /* crypto-block size */ +-KRB5INT_DES_DEPRECATED; +- +-/* +- * Key schedule. +- * +- * This used to be +- * +- * typedef struct des_ks_struct { +- * union { DES_INT32 pad; des_cblock _;} __; +- * } des_key_schedule[16]; +- * +- * but it would cause trouble if DES_INT32 were ever more than 4 +- * bytes. The reason is that all the encryption functions cast it to +- * (DES_INT32 *), and treat it as if it were DES_INT32[32]. If +- * 2*sizeof(DES_INT32) is ever more than sizeof(des_cblock), the +- * caller-allocated des_key_schedule will be overflowed by the key +- * scheduling functions. We can't assume that every platform will +- * have an exact 32-bit int, and nothing should be looking inside a +- * des_key_schedule anyway. +- */ +-typedef struct des_ks_struct { DES_INT32 _[2]; } des_key_schedule[16] +-KRB5INT_DES_DEPRECATED; +- +-typedef des_cblock mit_des_cblock; +-typedef des_key_schedule mit_des_key_schedule; +- +-/* Triple-DES structures */ +-typedef mit_des_cblock mit_des3_cblock[3]; +-typedef mit_des_key_schedule mit_des3_key_schedule[3]; +- +-#define MIT_DES_ENCRYPT 1 +-#define MIT_DES_DECRYPT 0 +- +-typedef struct mit_des_ran_key_seed { +- krb5_encrypt_block eblock; +- krb5_data sequence; +-} mit_des_random_state; +- +-/* the first byte of the key is already in the keyblock */ +- +-#define MIT_DES_BLOCK_LENGTH (8*sizeof(krb5_octet)) +-/* This used to be 8*sizeof(krb5_octet) */ +-#define MIT_DES_KEYSIZE 8 +- +-#define MIT_DES_CBC_CKSUM_LENGTH (4*sizeof(krb5_octet)) +- +-#endif /* KRB5_MIT_DES__ */ +-/* +- * End "mit-des.h" +- */ +- +-/* afsstring2key.c */ +-krb5_error_code mit_afs_string_to_key(krb5_keyblock *keyblock, +- const krb5_data *data, +- const krb5_data *salt); +-char *mit_afs_crypt(const char *pw, const char *salt, char *iobuf); +- +-/* f_cksum.c */ +-unsigned long mit_des_cbc_cksum(const krb5_octet *, krb5_octet *, +- unsigned long, const mit_des_key_schedule, +- const krb5_octet *); +- +-/* f_cbc.c (used by test programs) */ +-int +-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, +- unsigned long length, const mit_des_key_schedule schedule, +- const mit_des_cblock ivec, int enc); +- +-#define mit_des_zeroblock krb5int_c_mit_des_zeroblock +-extern const mit_des_cblock mit_des_zeroblock; +- +-/* fin_rndkey.c */ +-krb5_error_code mit_des_finish_random_key(const krb5_encrypt_block *, +- krb5_pointer *); +- +-/* finish_key.c */ +-krb5_error_code mit_des_finish_key(krb5_encrypt_block *); +- +-/* init_rkey.c */ +-krb5_error_code mit_des_init_random_key(const krb5_encrypt_block *, +- const krb5_keyblock *, +- krb5_pointer *); +- +-/* key_parity.c */ +-void mit_des_fixup_key_parity(mit_des_cblock); +-int mit_des_check_key_parity(mit_des_cblock); +- +-/* key_sched.c */ +-int mit_des_key_sched(mit_des_cblock, mit_des_key_schedule); +- +-/* process_ky.c */ +-krb5_error_code mit_des_process_key(krb5_encrypt_block *, +- const krb5_keyblock *); +- +-/* random_key.c */ +-krb5_error_code mit_des_random_key(const krb5_encrypt_block *, +- krb5_pointer, krb5_keyblock **); +- +-/* string2key.c */ +-krb5_error_code mit_des_string_to_key(const krb5_encrypt_block *, +- krb5_keyblock *, const krb5_data *, +- const krb5_data *); +-krb5_error_code mit_des_string_to_key_int(krb5_keyblock *, const krb5_data *, +- const krb5_data *); +- +-/* weak_key.c */ +-int mit_des_is_weak_key(mit_des_cblock); +- +-/* cmb_keys.c */ +-krb5_error_code mit_des_combine_subkeys(const krb5_keyblock *, +- const krb5_keyblock *, +- krb5_keyblock **); +- +-/* f_pcbc.c */ +-int mit_des_pcbc_encrypt(); +- +-/* f_sched.c */ +-int mit_des_make_key_sched(mit_des_cblock, mit_des_key_schedule); +- +- +-/* misc.c */ +-extern void swap_bits(char *); +-extern unsigned long long_swap_bits(unsigned long); +-extern unsigned long swap_six_bits_to_ansi(unsigned long); +-extern unsigned long swap_four_bits_to_ansi(unsigned long); +-extern unsigned long swap_bit_pos_1(unsigned long); +-extern unsigned long swap_bit_pos_0(unsigned long); +-extern unsigned long swap_bit_pos_0_to_ansi(unsigned long); +-extern unsigned long rev_swap_bit_pos_0(unsigned long); +-extern unsigned long swap_byte_bits(unsigned long); +-extern unsigned long swap_long_bytes_bit_number(unsigned long); +-#ifdef FILE +-/* XXX depends on FILE being a #define! */ +-extern void test_set(FILE *, const char *, int, const char *, int); +-#endif +- +-void +-krb5int_des3_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule ks1, +- const mit_des_key_schedule ks2, +- const mit_des_key_schedule ks3, +- mit_des_cblock ivec); +- +-void +-krb5int_des3_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule ks1, +- const mit_des_key_schedule ks2, +- const mit_des_key_schedule ks3, +- mit_des_cblock ivec); +- +-void +-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, +- mit_des_cblock ivec); +- +-void +-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, +- mit_des_cblock ivec); +- +-void +-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, mit_des_cblock ivec, +- mit_des_cblock out); +- +-/* d3_procky.c */ +-krb5_error_code mit_des3_process_key(krb5_encrypt_block *eblock, +- const krb5_keyblock *keyblock); +- +-/* d3_kysched.c */ +-int mit_des3_key_sched(mit_des3_cblock key, mit_des3_key_schedule schedule); +- +-/* d3_str2ky.c */ +-krb5_error_code mit_des3_string_to_key(const krb5_encrypt_block *eblock, +- krb5_keyblock *keyblock, +- const krb5_data *data, +- const krb5_data *salt); +- +-/* u_nfold.c */ +-krb5_error_code mit_des_n_fold(const krb5_octet *input, const size_t in_len, +- krb5_octet *output, const size_t out_len); +- +-/* u_rn_key.c */ +-int mit_des_is_weak_keyblock(krb5_keyblock *keyblock); +- +-void mit_des_fixup_keyblock_parity(krb5_keyblock *keyblock); +- +-krb5_error_code mit_des_set_random_generator_seed(const krb5_data *seed, +- krb5_pointer random_state); +- +-krb5_error_code mit_des_set_random_sequence_number(const krb5_data *sequence, +- krb5_pointer random_state); +-#endif /*DES_INTERNAL_DEFS*/ +diff --git a/src/lib/crypto/builtin/des/des_keys.c b/src/lib/crypto/builtin/des/des_keys.c +deleted file mode 100644 +index 32b119aad..000000000 +--- a/src/lib/crypto/builtin/des/des_keys.c ++++ /dev/null +@@ -1,40 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/des_keys.c - Key functions used by Kerberos code */ +-/* +- * Copyright (C) 2011 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-#include "crypto_int.h" +-#include "des_int.h" +- +-void +-k5_des_fixup_key_parity(unsigned char *keybits) +-{ +- mit_des_fixup_key_parity(keybits); +-} +- +-krb5_boolean +-k5_des_is_weak_key(unsigned char *keybits) +-{ +- return mit_des_is_weak_key(keybits); +-} +diff --git a/src/lib/crypto/builtin/des/destest.c b/src/lib/crypto/builtin/des/destest.c +deleted file mode 100644 +index 52114304e..000000000 +--- a/src/lib/crypto/builtin/des/destest.c ++++ /dev/null +@@ -1,240 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/destest.c */ +-/* +- * Copyright 1990,1991 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-/* Test a DES implementation against known inputs & outputs. */ +- +-#include "des_int.h" +-#include +-#include +- +-void convert (char *, unsigned char []); +- +-void des_cblock_print_file (mit_des_cblock, FILE *); +- +-krb5_octet zeroblock[8] = {0,0,0,0,0,0,0,0}; +- +-int +-main(argc, argv) +- int argc; +- char *argv[]; +-{ +- char block1[17], block2[17], block3[17]; +- /* Force tests of unaligned accesses. */ +- union { unsigned char c[8*4+3]; long l; } u; +- unsigned char *ioblocks = u.c; +- unsigned char *input = ioblocks+1; +- unsigned char *output = ioblocks+10; +- unsigned char *output2 = ioblocks+19; +- unsigned char *key = ioblocks+27; +- mit_des_key_schedule sched; +- int num = 0; +- int retval; +- +- int error = 0; +- +- while (scanf("%16s %16s %16s", block1, block2, block3) == 3) { +- convert(block1, key); +- convert(block2, input); +- convert(block3, output); +- +- retval = mit_des_key_sched(key, sched); +- if (retval) { +- fprintf(stderr, "des test: can't process key: %d\n", retval); +- fprintf(stderr, "des test: %s %s %s\n", block1, block2, block3); +- exit(1); +- } +- mit_des_cbc_encrypt((const mit_des_cblock *) input, +- (mit_des_cblock *) output2, 8, +- sched, zeroblock, 1); +- +- if (memcmp((char *)output2, (char *)output, 8)) { +- fprintf(stderr, +- "DES ENCRYPT ERROR, key %s, text %s, real cipher %s, computed cyphertext %02X%02X%02X%02X%02X%02X%02X%02X\n", +- block1, block2, block3, +- output2[0],output2[1],output2[2],output2[3], +- output2[4],output2[5],output2[6],output2[7]); +- error++; +- } +- +- /* +- * Now try decrypting.... +- */ +- mit_des_cbc_encrypt((const mit_des_cblock *) output, +- (mit_des_cblock *) output2, 8, +- sched, zeroblock, 0); +- +- if (memcmp((char *)output2, (char *)input, 8)) { +- fprintf(stderr, +- "DES DECRYPT ERROR, key %s, text %s, real cipher %s, computed cleartext %02X%02X%02X%02X%02X%02X%02X%02X\n", +- block1, block2, block3, +- output2[0],output2[1],output2[2],output2[3], +- output2[4],output2[5],output2[6],output2[7]); +- error++; +- } +- +- num++; +- } +- +- if (error) +- printf("destest: failed to pass the test\n"); +- else +- printf("destest: %d tests passed successfully\n", num); +- +- exit( (error > 256 && error % 256) ? 1 : error); +-} +- +-int value[128] = { +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- 0, 1, 2, 3, 4, 5, 6, 7, +- 8, 9, -1, -1, -1, -1, -1, -1, +- -1, 10, 11, 12, 13, 14, 15, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, +-}; +- +-void +-convert(text, cblock) +- char *text; +- unsigned char cblock[]; +-{ +- int i; +- for (i = 0; i < 8; i++) { +- if (!isascii((unsigned char)text[i * 2])) +- abort (); +- if (value[(int) text[i*2]] == -1 || value[(int) text[i*2+1]] == -1) { +- printf("Bad value byte %d in %s\n", i, text); +- exit(1); +- } +- cblock[i] = 16*value[(int) text[i*2]] + value[(int) text[i*2+1]]; +- } +- return; +-} +- +-/* +- * Fake out the DES library, for the purposes of testing. +- */ +- +-int +-mit_des_is_weak_key(key) +- mit_des_cblock key; +-{ +- return 0; /* fake it out for testing */ +-} +- +-void +-des_cblock_print_file(x, fp) +- mit_des_cblock x; +- FILE *fp; +-{ +- unsigned char *y = (unsigned char *) x; +- int i = 0; +- fprintf(fp," 0x { "); +- +- while (i++ < 8) { +- fprintf(fp,"%x",*y++); +- if (i < 8) +- fprintf(fp,", "); +- } +- fprintf(fp," }"); +-} +- +- +-#define smask(step) ((1<>step)&smask(step))) +-#define parity_char(x) pstep(pstep(pstep((x),4),2),1) +- +-/* +- * des_check_key_parity: returns true iff key has the correct des parity. +- * See des_fix_key_parity for the definition of +- * correct des parity. +- */ +-int +-mit_des_check_key_parity(key) +- mit_des_cblock key; +-{ +- unsigned int i; +- +- for (i=0; i decrypt, else encrypt */ +- Key_schedule schedule; /* addr of key schedule */ +- +-This is the low level routine that encrypts or decrypts a single 8-byte +-block in electronic code book mode. Always transforms the input +-data into the output data. +- +-If encrypt is non-zero, the input (cleartext) is encrypted into the +-output (ciphertext) using the specified key_schedule, pre-set via "des_set_key". +- +-If encrypt is zero, the input (now ciphertext) is decrypted into +-the output (now cleartext). +- +-Input and output may be the same space. +- +-Does not return any meaningful value. Void is not used for compatibility +-with other compilers. +- +-/* -------------------------------------------------------------- */ +- +-int +- cbc_encrypt(input,output,length,schedule,ivec,encrypt) +- +- C_Block *input; /* ptr to input data */ +- C_Block *output; /* ptr to output data */ +- int length; /* desired length, in bytes */ +- Key_schedule schedule; /* addr of precomputed schedule */ +- C_Block *ivec; /* pointer to 8 byte initialization +- * vector +- */ +- int encrypt /* 0 ==> decrypt; else encrypt*/ +- +- +- If encrypt is non-zero, the routine cipher-block-chain encrypts +- the INPUT (cleartext) into the OUTPUT (ciphertext) using the provided +- key schedule and initialization vector. If the length is not an integral +- multiple of eight bytes, the last block is copied to a temp and zero +- filled (highest addresses). The output is ALWAYS an integral multiple +- of eight bytes. +- +- If encrypt is zero, the routine cipher-block chain decrypts the INPUT +- (ciphertext) into the OUTPUT (cleartext) using the provided key schedule +- and initialization vector. Decryption ALWAYS operates on integral +- multiples of 8 bytes, so will round the length provided up to the +- appropriate multiple. Consequently, it will always produce the rounded-up +- number of bytes of output cleartext. The application must determine if +- the output cleartext was zero-padded due to cleartext lengths not integral +- multiples of 8. +- +- No errors or meaningful value are returned. Void is not used for +- compatibility with other compilers. +- +- +-/* cbc checksum (MAC) only routine ---------------------------------------- */ +-int +- cbc_cksum(input,output,length,schedule,ivec) +- +- C_Block *input; /* >= length bytes of inputtext */ +- C_Block *output; /* >= length bytes of outputtext */ +- int length; /* in bytes */ +- Key_schedule schedule; /* precomputed key schedule */ +- C_Block *ivec; /* 8 bytes of ivec */ +- +- +- Produces a cryptographic checksum, 8 bytes, by cipher-block-chain +- encrypting the input, discarding the ciphertext output, and only retaining +- the last ciphertext 8-byte block. Uses the provided key schedule and ivec. +- The input is effectively zero-padded to an integral multiple of +- eight bytes, though the original input is not modified. +- +- No meaningful value is returned. Void is not used for compatibility +- with other compilers. +- +- +-/* random_key ----------------------------------------*/ +-int +- random_key(key) +- +- C_Block *key; +- +- The start for the random number generated is set from the current time +- in microseconds, then the random number generator is invoked +- to create an eight byte output key (not a schedule). The key +- generated is set to odd parity per FIPS spec. +- +- The caller must supply space for the output key, pointed to +- by "*key", then after getting a new key, call the des_set_key() +- routine when needed. +- +- No meaningful value is returned. Void is not used for compatibility +- with other compilers. +- +- +-/* string_to_key --------------------------------------------*/ +- +-int +- string_to_key(str,key) +- char *str; +- C_Block *key; +- +- This routines converts an arbitrary length, null terminated string +- to an 8 byte DES key, with each byte parity set to odd, per FIPS spec. +- +- The algorithm is as follows: +- +-| Take the first 8 bytes and remove the parity (leaving 56 bits). +-| Do the same for the second 8 bytes, and the third, etc. Do this for +-| as many sets of 8 bytes as necessary, filling in the remainder of the +-| last set with nulls. Fold the second set back on the first (i.e. bit +-| 0 over bit 55, and bit 55 over bit 0). Fold the third over the second +-| (bit 0 of the third set is now over bit 0 of the first set). Repeat +-| until you have done this to all sets. Xor the folded sets. Break the +-| result into 8 7 bit bytes, and generate odd parity for each byte. You +-| now have 64 bits. Note that DES takes a 64 bit key, and uses only the +-| non parity bits. +- +- +-/* read_password -------------------------------------------*/ +- +-read_password(k,prompt,verify) +- C_Block *k; +- char *prompt; +- int verify; +- +-This routine issues the supplied prompt, turns off echo, if possible, and +-reads an input string. If verify is non-zero, it does it again, for use +-in applications such as changing a password. If verify is non-zero, both +-versions are compared, and the input is requested repeatedly until they +-match. Then, the input string is mapped into a valid DES key, internally +-using the string_to_key routine. The newly created key is copied to the +-area pointed to by parameter "k". +- +-No meaningful value is returned. If an error occurs trying to manipulate +-the terminal echo, the routine forces the process to exit. +- +-/* get_line ------------------------*/ +-long get_line(p,max) +- char *p; +- long max; +- +-Reads input characters from standard input until either a newline appears or +-else the max length is reached. The characters read are stuffed into +-the string pointed to, which will always be null terminated. The newline +-is not inserted in the string. The max parameter includes the byte needed +-for the null terminator, so allocate and pass one more than the maximum +-string length desired. +diff --git a/src/lib/crypto/builtin/des/f_aead.c b/src/lib/crypto/builtin/des/f_aead.c +deleted file mode 100644 +index 71b8dff4d..000000000 +--- a/src/lib/crypto/builtin/des/f_aead.c ++++ /dev/null +@@ -1,173 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 2008 by the Massachusetts Institute of Technology. +- * Copyright 1995 by Richard P. Basch. All Rights Reserved. +- * Copyright 1995 by Lehman Brothers, Inc. All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of Richard P. Basch, Lehman Brothers and M.I.T. not be used +- * in advertising or publicity pertaining to distribution of the software +- * without specific, written prior permission. Richard P. Basch, +- * Lehman Brothers and M.I.T. make no representations about the suitability +- * of this software for any purpose. It is provided "as is" without +- * express or implied warranty. +- */ +- +-#include "crypto_int.h" +-#include "des_int.h" +-#include "f_tables.h" +- +-const mit_des_cblock mit_des_zeroblock /* = all zero */; +- +-void +-krb5int_des_cbc_encrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, +- mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- struct iov_cursor cursor; +- unsigned char block[MIT_DES_BLOCK_LENGTH]; +- +- /* Get key pointer here. This won't need to be reinitialized. */ +- kp = (const unsigned DES_INT32 *)schedule; +- +- /* Initialize left and right with the contents of the initial vector. */ +- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; +- left = load_32_be(ip); +- right = load_32_be(ip + 4); +- +- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); +- while (k5_iov_cursor_get(&cursor, block)) { +- /* Decompose this block and xor it with the previous ciphertext. */ +- left ^= load_32_be(block); +- right ^= load_32_be(block + 4); +- +- /* Encrypt what we have and put back into block. */ +- DES_DO_ENCRYPT(left, right, kp); +- store_32_be(left, block); +- store_32_be(right, block + 4); +- +- k5_iov_cursor_put(&cursor, block); +- } +- +- if (ivec != NULL) { +- store_32_be(left, ivec); +- store_32_be(right, ivec + 4); +- } +-} +- +-void +-krb5int_des_cbc_decrypt(krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, +- mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- unsigned DES_INT32 ocipherl, ocipherr; +- unsigned DES_INT32 cipherl, cipherr; +- struct iov_cursor cursor; +- unsigned char block[MIT_DES_BLOCK_LENGTH]; +- +- /* Get key pointer here. This won't need to be reinitialized. */ +- kp = (const unsigned DES_INT32 *)schedule; +- +- /* +- * Decrypting is harder than encrypting because of +- * the necessity of remembering a lot more things. +- * Should think about this a little more... +- */ +- +- /* Prime the old cipher with ivec. */ +- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; +- ocipherl = load_32_be(ip); +- ocipherr = load_32_be(ip + 4); +- +- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, FALSE); +- while (k5_iov_cursor_get(&cursor, block)) { +- /* Split this block into left and right. */ +- cipherl = left = load_32_be(block); +- cipherr = right = load_32_be(block + 4); +- +- /* Decrypt and xor with the old cipher to get plain text. */ +- DES_DO_DECRYPT(left, right, kp); +- left ^= ocipherl; +- right ^= ocipherr; +- +- /* Store the encrypted halves back into block. */ +- store_32_be(left, block); +- store_32_be(right, block + 4); +- +- /* Save current cipher block halves. */ +- ocipherl = cipherl; +- ocipherr = cipherr; +- +- k5_iov_cursor_put(&cursor, block); +- } +- +- if (ivec != NULL) { +- store_32_be(ocipherl, ivec); +- store_32_be(ocipherr, ivec + 4); +- } +-} +- +-void +-krb5int_des_cbc_mac(const krb5_crypto_iov *data, unsigned long num_data, +- const mit_des_key_schedule schedule, mit_des_cblock ivec, +- mit_des_cblock out) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- struct iov_cursor cursor; +- unsigned char block[MIT_DES_BLOCK_LENGTH]; +- +- /* Get key pointer here. This won't need to be reinitialized. */ +- kp = (const unsigned DES_INT32 *)schedule; +- +- /* Initialize left and right with the contents of the initial vector. */ +- ip = (ivec != NULL) ? ivec : mit_des_zeroblock; +- left = load_32_be(ip); +- right = load_32_be(ip + 4); +- +- k5_iov_cursor_init(&cursor, data, num_data, MIT_DES_BLOCK_LENGTH, TRUE); +- while (k5_iov_cursor_get(&cursor, block)) { +- /* Decompose this block and xor it with the previous ciphertext. */ +- left ^= load_32_be(block); +- right ^= load_32_be(block + 4); +- +- /* Encrypt what we have. */ +- DES_DO_ENCRYPT(left, right, kp); +- } +- +- /* Output the final ciphertext block. */ +- store_32_be(left, out); +- store_32_be(right, out + 4); +-} +- +-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) +-void krb5int_des_do_encrypt_2 (unsigned DES_INT32 *left, +- unsigned DES_INT32 *right, +- const unsigned DES_INT32 *kp) +-{ +- DES_DO_ENCRYPT_1 (*left, *right, kp); +-} +- +-void krb5int_des_do_decrypt_2 (unsigned DES_INT32 *left, +- unsigned DES_INT32 *right, +- const unsigned DES_INT32 *kp) +-{ +- DES_DO_DECRYPT_1 (*left, *right, kp); +-} +-#endif +diff --git a/src/lib/crypto/builtin/des/f_cbc.c b/src/lib/crypto/builtin/des/f_cbc.c +deleted file mode 100644 +index 84d5382f2..000000000 +--- a/src/lib/crypto/builtin/des/f_cbc.c ++++ /dev/null +@@ -1,256 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/f_cbc.c */ +-/* +- * Copyright (C) 1990 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * CBC functions; used only by the test programs at this time. (krb5 uses the +- * functions in f_aead.c instead.) +- */ +- +-/* +- * des_cbc_encrypt.c - an implementation of the DES cipher function in cbc mode +- */ +-#include "des_int.h" +-#include "f_tables.h" +- +-/* +- * des_cbc_encrypt - {en,de}crypt a stream in CBC mode +- */ +- +-/* +- * This routine performs DES cipher-block-chaining operation, either +- * encrypting from cleartext to ciphertext, if encrypt != 0 or +- * decrypting from ciphertext to cleartext, if encrypt == 0. +- * +- * The key schedule is passed as an arg, as well as the cleartext or +- * ciphertext. The cleartext and ciphertext should be in host order. +- * +- * NOTE-- the output is ALWAYS an multiple of 8 bytes long. If not +- * enough space was provided, your program will get trashed. +- * +- * For encryption, the cleartext string is null padded, at the end, to +- * an integral multiple of eight bytes. +- * +- * For decryption, the ciphertext will be used in integral multiples +- * of 8 bytes, but only the first "length" bytes returned into the +- * cleartext. +- */ +- +-const mit_des_cblock mit_des_zeroblock /* = all zero */; +- +-static void +-des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, +- unsigned long length, const mit_des_key_schedule schedule, +- const mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- unsigned char *op; +- +- /* +- * Get key pointer here. This won't need to be reinitialized +- */ +- kp = (const unsigned DES_INT32 *)schedule; +- +- /* +- * Initialize left and right with the contents of the initial +- * vector. +- */ +- ip = ivec; +- GET_HALF_BLOCK(left, ip); +- GET_HALF_BLOCK(right, ip); +- +- /* +- * Suitably initialized, now work the length down 8 bytes +- * at a time. +- */ +- ip = *in; +- op = *out; +- while (length > 0) { +- /* +- * Get more input, xor it in. If the length is +- * greater than or equal to 8 this is straight +- * forward. Otherwise we have to fart around. +- */ +- if (length >= 8) { +- unsigned DES_INT32 temp; +- GET_HALF_BLOCK(temp, ip); +- left ^= temp; +- GET_HALF_BLOCK(temp, ip); +- right ^= temp; +- length -= 8; +- } else { +- /* +- * Oh, shoot. We need to pad the +- * end with zeroes. Work backwards +- * to do this. +- */ +- ip += (int) length; +- switch(length) { +- case 7: +- right ^= (*(--ip) & FF_UINT32) << 8; +- case 6: +- right ^= (*(--ip) & FF_UINT32) << 16; +- case 5: +- right ^= (*(--ip) & FF_UINT32) << 24; +- case 4: +- left ^= *(--ip) & FF_UINT32; +- case 3: +- left ^= (*(--ip) & FF_UINT32) << 8; +- case 2: +- left ^= (*(--ip) & FF_UINT32) << 16; +- case 1: +- left ^= (*(--ip) & FF_UINT32) << 24; +- break; +- } +- length = 0; +- } +- +- /* +- * Encrypt what we have +- */ +- DES_DO_ENCRYPT(left, right, kp); +- +- /* +- * Copy the results out +- */ +- PUT_HALF_BLOCK(left, op); +- PUT_HALF_BLOCK(right, op); +- } +-} +- +-static void +-des_cbc_decrypt(const mit_des_cblock *in, mit_des_cblock *out, +- unsigned long length, const mit_des_key_schedule schedule, +- const mit_des_cblock ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- unsigned char *op; +- unsigned DES_INT32 ocipherl, ocipherr; +- unsigned DES_INT32 cipherl, cipherr; +- +- /* +- * Get key pointer here. This won't need to be reinitialized +- */ +- kp = (const unsigned DES_INT32 *)schedule; +- +- /* +- * Decrypting is harder than encrypting because of +- * the necessity of remembering a lot more things. +- * Should think about this a little more... +- */ +- +- if (length <= 0) +- return; +- +- /* +- * Prime the old cipher with ivec. +- */ +- ip = ivec; +- GET_HALF_BLOCK(ocipherl, ip); +- GET_HALF_BLOCK(ocipherr, ip); +- +- /* +- * Now do this in earnest until we run out of length. +- */ +- ip = *in; +- op = *out; +- for (;;) { /* check done inside loop */ +- /* +- * Read a block from the input into left and +- * right. Save this cipher block for later. +- */ +- GET_HALF_BLOCK(left, ip); +- GET_HALF_BLOCK(right, ip); +- cipherl = left; +- cipherr = right; +- +- /* +- * Decrypt this. +- */ +- DES_DO_DECRYPT(left, right, kp); +- +- /* +- * Xor with the old cipher to get plain +- * text. Output 8 or less bytes of this. +- */ +- left ^= ocipherl; +- right ^= ocipherr; +- if (length > 8) { +- length -= 8; +- PUT_HALF_BLOCK(left, op); +- PUT_HALF_BLOCK(right, op); +- /* +- * Save current cipher block here +- */ +- ocipherl = cipherl; +- ocipherr = cipherr; +- } else { +- /* +- * Trouble here. Start at end of output, +- * work backwards. +- */ +- op += (int) length; +- switch(length) { +- case 8: +- *(--op) = (unsigned char) (right & 0xff); +- case 7: +- *(--op) = (unsigned char) ((right >> 8) & 0xff); +- case 6: +- *(--op) = (unsigned char) ((right >> 16) & 0xff); +- case 5: +- *(--op) = (unsigned char) ((right >> 24) & 0xff); +- case 4: +- *(--op) = (unsigned char) (left & 0xff); +- case 3: +- *(--op) = (unsigned char) ((left >> 8) & 0xff); +- case 2: +- *(--op) = (unsigned char) ((left >> 16) & 0xff); +- case 1: +- *(--op) = (unsigned char) ((left >> 24) & 0xff); +- break; +- } +- break; /* we're done */ +- } +- } +-} +- +-int +-mit_des_cbc_encrypt(const mit_des_cblock *in, mit_des_cblock *out, +- unsigned long length, const mit_des_key_schedule schedule, +- const mit_des_cblock ivec, int enc) +-{ +- /* +- * Deal with encryption and decryption separately. +- */ +- if (enc) +- des_cbc_encrypt(in, out, length, schedule, ivec); +- else +- des_cbc_decrypt(in, out, length, schedule, ivec); +- return 0; +-} +diff --git a/src/lib/crypto/builtin/des/f_cksum.c b/src/lib/crypto/builtin/des/f_cksum.c +deleted file mode 100644 +index cb482b009..000000000 +--- a/src/lib/crypto/builtin/des/f_cksum.c ++++ /dev/null +@@ -1,136 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/f_cksum.c */ +-/* +- * Copyright (C) 1990 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* DES implementation donated by Dennis Ferguson */ +- +-/* +- * des_cbc_cksum.c - compute an 8 byte checksum using DES in CBC mode +- */ +-#include "des_int.h" +-#include "f_tables.h" +- +-/* +- * This routine performs DES cipher-block-chaining checksum operation, +- * a.k.a. Message Authentication Code. It ALWAYS encrypts from input +- * to a single 64 bit output MAC checksum. +- * +- * The key schedule is passed as an arg, as well as the cleartext or +- * ciphertext. The cleartext and ciphertext should be in host order. +- * +- * NOTE-- the output is ALWAYS 8 bytes long. If not enough space was +- * provided, your program will get trashed. +- * +- * The input is null padded, at the end (highest addr), to an integral +- * multiple of eight bytes. +- */ +- +-unsigned long +-mit_des_cbc_cksum(const krb5_octet *in, krb5_octet *out, +- unsigned long length, const mit_des_key_schedule schedule, +- const krb5_octet *ivec) +-{ +- unsigned DES_INT32 left, right; +- const unsigned DES_INT32 *kp; +- const unsigned char *ip; +- unsigned char *op; +- DES_INT32 len; +- +- /* +- * Initialize left and right with the contents of the initial +- * vector. +- */ +- ip = ivec; +- GET_HALF_BLOCK(left, ip); +- GET_HALF_BLOCK(right, ip); +- +- /* +- * Suitably initialized, now work the length down 8 bytes +- * at a time. +- */ +- ip = in; +- len = length; +- while (len > 0) { +- /* +- * Get more input, xor it in. If the length is +- * greater than or equal to 8 this is straight +- * forward. Otherwise we have to fart around. +- */ +- if (len >= 8) { +- unsigned DES_INT32 temp; +- GET_HALF_BLOCK(temp, ip); +- left ^= temp; +- GET_HALF_BLOCK(temp, ip); +- right ^= temp; +- len -= 8; +- } else { +- /* +- * Oh, shoot. We need to pad the +- * end with zeroes. Work backwards +- * to do this. +- */ +- ip += (int) len; +- switch(len) { +- case 7: +- right ^= (*(--ip) & FF_UINT32) << 8; +- case 6: +- right ^= (*(--ip) & FF_UINT32) << 16; +- case 5: +- right ^= (*(--ip) & FF_UINT32) << 24; +- case 4: +- left ^= *(--ip) & FF_UINT32; +- case 3: +- left ^= (*(--ip) & FF_UINT32) << 8; +- case 2: +- left ^= (*(--ip) & FF_UINT32) << 16; +- case 1: +- left ^= (*(--ip) & FF_UINT32) << 24; +- break; +- } +- len = 0; +- } +- +- /* +- * Encrypt what we have +- */ +- kp = (const unsigned DES_INT32 *)schedule; +- DES_DO_ENCRYPT(left, right, kp); +- } +- +- /* +- * Done. Left and right have the checksum. Put it into +- * the output. +- */ +- op = out; +- PUT_HALF_BLOCK(left, op); +- PUT_HALF_BLOCK(right, op); +- +- /* +- * Return right. I'll bet the MIT code returns this +- * inconsistantly (with the low order byte of the checksum +- * not always in the low order byte of the DES_INT32). We won't. +- */ +- return right & 0xFFFFFFFFUL; +-} +diff --git a/src/lib/crypto/builtin/des/f_parity.c b/src/lib/crypto/builtin/des/f_parity.c +deleted file mode 100644 +index 460b5061b..000000000 +--- a/src/lib/crypto/builtin/des/f_parity.c ++++ /dev/null +@@ -1,56 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * These routines check and fix parity of encryption keys for the DES +- * algorithm. +- * +- * They are a replacement for routines in key_parity.c, that don't require +- * the table building that they do. +- * +- * Mark Eichin -- Cygnus Support +- */ +- +- +-#include "des_int.h" +- +-/* +- * des_fixup_key_parity: Forces odd parity per byte; parity is bits +- * 8,16,...64 in des order, implies 0, 8, 16, ... +- * vax order. +- */ +-#define smask(step) ((1<>step)&smask(step))) +-#define parity_char(x) pstep(pstep(pstep((x),4),2),1) +- +-void +-mit_des_fixup_key_parity(mit_des_cblock key) +-{ +- unsigned int i; +- for (i=0; i> 29) & 0x7] +- | (PC1_CL[(tmp >> 21) & 0x7] << 1) +- | (PC1_CL[(tmp >> 13) & 0x7] << 2) +- | (PC1_CL[(tmp >> 5) & 0x7] << 3); +- d = PC1_DL[(tmp >> 25) & 0xf] +- | (PC1_DL[(tmp >> 17) & 0xf] << 1) +- | (PC1_DL[(tmp >> 9) & 0xf] << 2) +- | (PC1_DL[(tmp >> 1) & 0xf] << 3); +- +- tmp = load_32_be(k), k += 4; +- +- c |= PC1_CR[(tmp >> 28) & 0xf] +- | (PC1_CR[(tmp >> 20) & 0xf] << 1) +- | (PC1_CR[(tmp >> 12) & 0xf] << 2) +- | (PC1_CR[(tmp >> 4) & 0xf] << 3); +- d |= PC1_DR[(tmp >> 25) & 0x7] +- | (PC1_DR[(tmp >> 17) & 0x7] << 1) +- | (PC1_DR[(tmp >> 9) & 0x7] << 2) +- | (PC1_DR[(tmp >> 1) & 0x7] << 3); +- } +- +- { +- /* +- * Need several temporaries in here +- */ +- unsigned DES_INT32 ltmp, rtmp; +- unsigned DES_INT32 *k; +- int two_bit_shifts; +- int i; +- /* +- * Now iterate to compute the key schedule. Note that we +- * record the entire set of subkeys in 6 bit chunks since +- * they are used that way. At 6 bits/char, we need +- * 48/6 char's/subkey * 16 subkeys/encryption == 128 bytes. +- * The schedule must be this big. +- */ +- k = (unsigned DES_INT32 *)schedule; +- two_bit_shifts = TWO_BIT_SHIFTS; +- for (i = 16; i > 0; i--) { +- /* +- * Do the rotation. One bit and two bit rotations +- * are done separately. Note C and D are 28 bits. +- */ +- if (two_bit_shifts & 0x1) { +- c = ((c << 2) & 0xffffffc) | (c >> 26); +- d = ((d << 2) & 0xffffffc) | (d >> 26); +- } else { +- c = ((c << 1) & 0xffffffe) | (c >> 27); +- d = ((d << 1) & 0xffffffe) | (d >> 27); +- } +- two_bit_shifts >>= 1; +- +- /* +- * Apply permutted choice 2 to C to get the first +- * 24 bits worth of keys. Note that bits 9, 18, 22 +- * and 25 (using DES numbering) in C are unused. The +- * shift-mask stuff is done to delete these bits from +- * the indices, since this cuts the table size in half. +- * +- * The table is torqued, by the way. If the standard +- * byte order for this (high to low order) is 1234, +- * the table actually gives us 4132. +- */ +- ltmp = PC2_C[0][((c >> 22) & 0x3f)] +- | PC2_C[1][((c >> 15) & 0xf) | ((c >> 16) & 0x30)] +- | PC2_C[2][((c >> 4) & 0x3) | ((c >> 9) & 0x3c)] +- | PC2_C[3][((c ) & 0x7) | ((c >> 4) & 0x38)]; +- /* +- * Apply permutted choice 2 to D to get the other half. +- * Here, bits 7, 10, 15 and 26 go unused. The sqeezing +- * actually turns out to be cheaper here. +- * +- * This table is similarly torqued. If the standard +- * byte order is 5678, the table has the bytes permuted +- * to give us 7685. +- */ +- rtmp = PC2_D[0][((d >> 22) & 0x3f)] +- | PC2_D[1][((d >> 14) & 0xf) | ((d >> 15) & 0x30)] +- | PC2_D[2][((d >> 7) & 0x3f)] +- | PC2_D[3][((d ) & 0x3) | ((d >> 1) & 0x3c)]; +- +- /* +- * Make up two words of the key schedule, with a +- * byte order which is convenient for the DES +- * inner loop. The high order (first) word will +- * hold bytes 7135 (high to low order) while the +- * second holds bytes 4682. +- */ +- *k++ = (ltmp & 0x00ffff00) | (rtmp & 0xff0000ff); +- *k++ = (ltmp & 0xff0000ff) | (rtmp & 0x00ffff00); +- } +- } +- return (0); +-} +diff --git a/src/lib/crypto/builtin/des/f_tables.c b/src/lib/crypto/builtin/des/f_tables.c +deleted file mode 100644 +index 6308cb0d5..000000000 +--- a/src/lib/crypto/builtin/des/f_tables.c ++++ /dev/null +@@ -1,370 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/f_tables.c */ +-/* +- * Copyright (C) 1990 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* DES implementation donated by Dennis Ferguson */ +- +-/* +- * des_tables.c - precomputed tables used for the DES cipher function +- */ +- +-/* +- * Include the header file so something will complain if the +- * declarations get out of sync +- */ +-#include "des_int.h" +-#include "f_tables.h" +- +-/* +- * These tables may be declared const if you want. Many compilers +- * don't support this, though. +- */ +- +-/* +- * The DES algorithm which uses these is intended to be fairly speedy +- * at the expense of some memory. All the standard hacks are used. +- * The S boxes and the P permutation are precomputed into one table. +- * The E box never actually appears explicitly since it is easy to apply +- * this algorithmically as needed. The initial permutation and final +- * (inverse initial) permutation are computed from tables designed to +- * permute one byte at a time. This should run pretty fast on machines +- * with 32 bit words and bit field/multiple bit shift instructions which +- * are fast. +- */ +- +-/* +- * The initial permutation array. This is used to compute both the +- * left and the right halves of the initial permutation using bytes +- * from words made from the following operations: +- * +- * ((left & 0x55555555) << 1) | (right & 0x55555555) for left half +- * (left & 0xaaaaaaaa) | ((right & 0xaaaaaaaa) >> 1) for right half +- * +- * The scheme is that we index into the table using each byte. The +- * result from the high order byte is or'd with the result from the +- * next byte shifted left once is or'd with the result from the next +- * byte shifted left twice if or'd with the result from the low order +- * byte shifted left by three. Clear? +- */ +- +-const unsigned DES_INT32 des_IP_table[256] = { +- 0x00000000, 0x00000010, 0x00000001, 0x00000011, +- 0x00001000, 0x00001010, 0x00001001, 0x00001011, +- 0x00000100, 0x00000110, 0x00000101, 0x00000111, +- 0x00001100, 0x00001110, 0x00001101, 0x00001111, +- 0x00100000, 0x00100010, 0x00100001, 0x00100011, +- 0x00101000, 0x00101010, 0x00101001, 0x00101011, +- 0x00100100, 0x00100110, 0x00100101, 0x00100111, +- 0x00101100, 0x00101110, 0x00101101, 0x00101111, +- 0x00010000, 0x00010010, 0x00010001, 0x00010011, +- 0x00011000, 0x00011010, 0x00011001, 0x00011011, +- 0x00010100, 0x00010110, 0x00010101, 0x00010111, +- 0x00011100, 0x00011110, 0x00011101, 0x00011111, +- 0x00110000, 0x00110010, 0x00110001, 0x00110011, +- 0x00111000, 0x00111010, 0x00111001, 0x00111011, +- 0x00110100, 0x00110110, 0x00110101, 0x00110111, +- 0x00111100, 0x00111110, 0x00111101, 0x00111111, +- 0x10000000, 0x10000010, 0x10000001, 0x10000011, +- 0x10001000, 0x10001010, 0x10001001, 0x10001011, +- 0x10000100, 0x10000110, 0x10000101, 0x10000111, +- 0x10001100, 0x10001110, 0x10001101, 0x10001111, +- 0x10100000, 0x10100010, 0x10100001, 0x10100011, +- 0x10101000, 0x10101010, 0x10101001, 0x10101011, +- 0x10100100, 0x10100110, 0x10100101, 0x10100111, +- 0x10101100, 0x10101110, 0x10101101, 0x10101111, +- 0x10010000, 0x10010010, 0x10010001, 0x10010011, +- 0x10011000, 0x10011010, 0x10011001, 0x10011011, +- 0x10010100, 0x10010110, 0x10010101, 0x10010111, +- 0x10011100, 0x10011110, 0x10011101, 0x10011111, +- 0x10110000, 0x10110010, 0x10110001, 0x10110011, +- 0x10111000, 0x10111010, 0x10111001, 0x10111011, +- 0x10110100, 0x10110110, 0x10110101, 0x10110111, +- 0x10111100, 0x10111110, 0x10111101, 0x10111111, +- 0x01000000, 0x01000010, 0x01000001, 0x01000011, +- 0x01001000, 0x01001010, 0x01001001, 0x01001011, +- 0x01000100, 0x01000110, 0x01000101, 0x01000111, +- 0x01001100, 0x01001110, 0x01001101, 0x01001111, +- 0x01100000, 0x01100010, 0x01100001, 0x01100011, +- 0x01101000, 0x01101010, 0x01101001, 0x01101011, +- 0x01100100, 0x01100110, 0x01100101, 0x01100111, +- 0x01101100, 0x01101110, 0x01101101, 0x01101111, +- 0x01010000, 0x01010010, 0x01010001, 0x01010011, +- 0x01011000, 0x01011010, 0x01011001, 0x01011011, +- 0x01010100, 0x01010110, 0x01010101, 0x01010111, +- 0x01011100, 0x01011110, 0x01011101, 0x01011111, +- 0x01110000, 0x01110010, 0x01110001, 0x01110011, +- 0x01111000, 0x01111010, 0x01111001, 0x01111011, +- 0x01110100, 0x01110110, 0x01110101, 0x01110111, +- 0x01111100, 0x01111110, 0x01111101, 0x01111111, +- 0x11000000, 0x11000010, 0x11000001, 0x11000011, +- 0x11001000, 0x11001010, 0x11001001, 0x11001011, +- 0x11000100, 0x11000110, 0x11000101, 0x11000111, +- 0x11001100, 0x11001110, 0x11001101, 0x11001111, +- 0x11100000, 0x11100010, 0x11100001, 0x11100011, +- 0x11101000, 0x11101010, 0x11101001, 0x11101011, +- 0x11100100, 0x11100110, 0x11100101, 0x11100111, +- 0x11101100, 0x11101110, 0x11101101, 0x11101111, +- 0x11010000, 0x11010010, 0x11010001, 0x11010011, +- 0x11011000, 0x11011010, 0x11011001, 0x11011011, +- 0x11010100, 0x11010110, 0x11010101, 0x11010111, +- 0x11011100, 0x11011110, 0x11011101, 0x11011111, +- 0x11110000, 0x11110010, 0x11110001, 0x11110011, +- 0x11111000, 0x11111010, 0x11111001, 0x11111011, +- 0x11110100, 0x11110110, 0x11110101, 0x11110111, +- 0x11111100, 0x11111110, 0x11111101, 0x11111111 +-}; +- +-/* +- * The final permutation array. Like the IP array, used +- * to compute both the left and right results from the bytes +- * of words computed from: +- * +- * ((left & 0x0f0f0f0f) << 4) | (right & 0x0f0f0f0f) for left result +- * (left & 0xf0f0f0f0) | ((right & 0xf0f0f0f0) >> 4) for right result +- * +- * The result from the high order byte is shifted left 6 bits and +- * or'd with the result from the next byte shifted left 4 bits, which +- * is or'd with the result from the next byte shifted left 2 bits, +- * which is or'd with the result from the low byte. +- */ +-const unsigned DES_INT32 des_FP_table[256] = { +- 0x00000000, 0x02000000, 0x00020000, 0x02020000, +- 0x00000200, 0x02000200, 0x00020200, 0x02020200, +- 0x00000002, 0x02000002, 0x00020002, 0x02020002, +- 0x00000202, 0x02000202, 0x00020202, 0x02020202, +- 0x01000000, 0x03000000, 0x01020000, 0x03020000, +- 0x01000200, 0x03000200, 0x01020200, 0x03020200, +- 0x01000002, 0x03000002, 0x01020002, 0x03020002, +- 0x01000202, 0x03000202, 0x01020202, 0x03020202, +- 0x00010000, 0x02010000, 0x00030000, 0x02030000, +- 0x00010200, 0x02010200, 0x00030200, 0x02030200, +- 0x00010002, 0x02010002, 0x00030002, 0x02030002, +- 0x00010202, 0x02010202, 0x00030202, 0x02030202, +- 0x01010000, 0x03010000, 0x01030000, 0x03030000, +- 0x01010200, 0x03010200, 0x01030200, 0x03030200, +- 0x01010002, 0x03010002, 0x01030002, 0x03030002, +- 0x01010202, 0x03010202, 0x01030202, 0x03030202, +- 0x00000100, 0x02000100, 0x00020100, 0x02020100, +- 0x00000300, 0x02000300, 0x00020300, 0x02020300, +- 0x00000102, 0x02000102, 0x00020102, 0x02020102, +- 0x00000302, 0x02000302, 0x00020302, 0x02020302, +- 0x01000100, 0x03000100, 0x01020100, 0x03020100, +- 0x01000300, 0x03000300, 0x01020300, 0x03020300, +- 0x01000102, 0x03000102, 0x01020102, 0x03020102, +- 0x01000302, 0x03000302, 0x01020302, 0x03020302, +- 0x00010100, 0x02010100, 0x00030100, 0x02030100, +- 0x00010300, 0x02010300, 0x00030300, 0x02030300, +- 0x00010102, 0x02010102, 0x00030102, 0x02030102, +- 0x00010302, 0x02010302, 0x00030302, 0x02030302, +- 0x01010100, 0x03010100, 0x01030100, 0x03030100, +- 0x01010300, 0x03010300, 0x01030300, 0x03030300, +- 0x01010102, 0x03010102, 0x01030102, 0x03030102, +- 0x01010302, 0x03010302, 0x01030302, 0x03030302, +- 0x00000001, 0x02000001, 0x00020001, 0x02020001, +- 0x00000201, 0x02000201, 0x00020201, 0x02020201, +- 0x00000003, 0x02000003, 0x00020003, 0x02020003, +- 0x00000203, 0x02000203, 0x00020203, 0x02020203, +- 0x01000001, 0x03000001, 0x01020001, 0x03020001, +- 0x01000201, 0x03000201, 0x01020201, 0x03020201, +- 0x01000003, 0x03000003, 0x01020003, 0x03020003, +- 0x01000203, 0x03000203, 0x01020203, 0x03020203, +- 0x00010001, 0x02010001, 0x00030001, 0x02030001, +- 0x00010201, 0x02010201, 0x00030201, 0x02030201, +- 0x00010003, 0x02010003, 0x00030003, 0x02030003, +- 0x00010203, 0x02010203, 0x00030203, 0x02030203, +- 0x01010001, 0x03010001, 0x01030001, 0x03030001, +- 0x01010201, 0x03010201, 0x01030201, 0x03030201, +- 0x01010003, 0x03010003, 0x01030003, 0x03030003, +- 0x01010203, 0x03010203, 0x01030203, 0x03030203, +- 0x00000101, 0x02000101, 0x00020101, 0x02020101, +- 0x00000301, 0x02000301, 0x00020301, 0x02020301, +- 0x00000103, 0x02000103, 0x00020103, 0x02020103, +- 0x00000303, 0x02000303, 0x00020303, 0x02020303, +- 0x01000101, 0x03000101, 0x01020101, 0x03020101, +- 0x01000301, 0x03000301, 0x01020301, 0x03020301, +- 0x01000103, 0x03000103, 0x01020103, 0x03020103, +- 0x01000303, 0x03000303, 0x01020303, 0x03020303, +- 0x00010101, 0x02010101, 0x00030101, 0x02030101, +- 0x00010301, 0x02010301, 0x00030301, 0x02030301, +- 0x00010103, 0x02010103, 0x00030103, 0x02030103, +- 0x00010303, 0x02010303, 0x00030303, 0x02030303, +- 0x01010101, 0x03010101, 0x01030101, 0x03030101, +- 0x01010301, 0x03010301, 0x01030301, 0x03030301, +- 0x01010103, 0x03010103, 0x01030103, 0x03030103, +- 0x01010303, 0x03010303, 0x01030303, 0x03030303 +-}; +- +- +-/* +- * The SP table is actually the S boxes and the P permutation +- * table combined. This table is actually reordered from the +- * spec, to match the order of key application we follow. +- */ +-const unsigned DES_INT32 des_SP_table[8][64] = { +- { +- 0x00100000, 0x02100001, 0x02000401, 0x00000000, /* 7 */ +- 0x00000400, 0x02000401, 0x00100401, 0x02100400, +- 0x02100401, 0x00100000, 0x00000000, 0x02000001, +- 0x00000001, 0x02000000, 0x02100001, 0x00000401, +- 0x02000400, 0x00100401, 0x00100001, 0x02000400, +- 0x02000001, 0x02100000, 0x02100400, 0x00100001, +- 0x02100000, 0x00000400, 0x00000401, 0x02100401, +- 0x00100400, 0x00000001, 0x02000000, 0x00100400, +- 0x02000000, 0x00100400, 0x00100000, 0x02000401, +- 0x02000401, 0x02100001, 0x02100001, 0x00000001, +- 0x00100001, 0x02000000, 0x02000400, 0x00100000, +- 0x02100400, 0x00000401, 0x00100401, 0x02100400, +- 0x00000401, 0x02000001, 0x02100401, 0x02100000, +- 0x00100400, 0x00000000, 0x00000001, 0x02100401, +- 0x00000000, 0x00100401, 0x02100000, 0x00000400, +- 0x02000001, 0x02000400, 0x00000400, 0x00100001, +- }, +- { +- 0x00808200, 0x00000000, 0x00008000, 0x00808202, /* 1 */ +- 0x00808002, 0x00008202, 0x00000002, 0x00008000, +- 0x00000200, 0x00808200, 0x00808202, 0x00000200, +- 0x00800202, 0x00808002, 0x00800000, 0x00000002, +- 0x00000202, 0x00800200, 0x00800200, 0x00008200, +- 0x00008200, 0x00808000, 0x00808000, 0x00800202, +- 0x00008002, 0x00800002, 0x00800002, 0x00008002, +- 0x00000000, 0x00000202, 0x00008202, 0x00800000, +- 0x00008000, 0x00808202, 0x00000002, 0x00808000, +- 0x00808200, 0x00800000, 0x00800000, 0x00000200, +- 0x00808002, 0x00008000, 0x00008200, 0x00800002, +- 0x00000200, 0x00000002, 0x00800202, 0x00008202, +- 0x00808202, 0x00008002, 0x00808000, 0x00800202, +- 0x00800002, 0x00000202, 0x00008202, 0x00808200, +- 0x00000202, 0x00800200, 0x00800200, 0x00000000, +- 0x00008002, 0x00008200, 0x00000000, 0x00808002, +- }, +- { +- 0x00000104, 0x04010100, 0x00000000, 0x04010004, /* 3 */ +- 0x04000100, 0x00000000, 0x00010104, 0x04000100, +- 0x00010004, 0x04000004, 0x04000004, 0x00010000, +- 0x04010104, 0x00010004, 0x04010000, 0x00000104, +- 0x04000000, 0x00000004, 0x04010100, 0x00000100, +- 0x00010100, 0x04010000, 0x04010004, 0x00010104, +- 0x04000104, 0x00010100, 0x00010000, 0x04000104, +- 0x00000004, 0x04010104, 0x00000100, 0x04000000, +- 0x04010100, 0x04000000, 0x00010004, 0x00000104, +- 0x00010000, 0x04010100, 0x04000100, 0x00000000, +- 0x00000100, 0x00010004, 0x04010104, 0x04000100, +- 0x04000004, 0x00000100, 0x00000000, 0x04010004, +- 0x04000104, 0x00010000, 0x04000000, 0x04010104, +- 0x00000004, 0x00010104, 0x00010100, 0x04000004, +- 0x04010000, 0x04000104, 0x00000104, 0x04010000, +- 0x00010104, 0x00000004, 0x04010004, 0x00010100, +- }, +- { +- 0x00000080, 0x01040080, 0x01040000, 0x21000080, /* 5 */ +- 0x00040000, 0x00000080, 0x20000000, 0x01040000, +- 0x20040080, 0x00040000, 0x01000080, 0x20040080, +- 0x21000080, 0x21040000, 0x00040080, 0x20000000, +- 0x01000000, 0x20040000, 0x20040000, 0x00000000, +- 0x20000080, 0x21040080, 0x21040080, 0x01000080, +- 0x21040000, 0x20000080, 0x00000000, 0x21000000, +- 0x01040080, 0x01000000, 0x21000000, 0x00040080, +- 0x00040000, 0x21000080, 0x00000080, 0x01000000, +- 0x20000000, 0x01040000, 0x21000080, 0x20040080, +- 0x01000080, 0x20000000, 0x21040000, 0x01040080, +- 0x20040080, 0x00000080, 0x01000000, 0x21040000, +- 0x21040080, 0x00040080, 0x21000000, 0x21040080, +- 0x01040000, 0x00000000, 0x20040000, 0x21000000, +- 0x00040080, 0x01000080, 0x20000080, 0x00040000, +- 0x00000000, 0x20040000, 0x01040080, 0x20000080, +- }, +- { +- 0x80401000, 0x80001040, 0x80001040, 0x00000040, /* 4 */ +- 0x00401040, 0x80400040, 0x80400000, 0x80001000, +- 0x00000000, 0x00401000, 0x00401000, 0x80401040, +- 0x80000040, 0x00000000, 0x00400040, 0x80400000, +- 0x80000000, 0x00001000, 0x00400000, 0x80401000, +- 0x00000040, 0x00400000, 0x80001000, 0x00001040, +- 0x80400040, 0x80000000, 0x00001040, 0x00400040, +- 0x00001000, 0x00401040, 0x80401040, 0x80000040, +- 0x00400040, 0x80400000, 0x00401000, 0x80401040, +- 0x80000040, 0x00000000, 0x00000000, 0x00401000, +- 0x00001040, 0x00400040, 0x80400040, 0x80000000, +- 0x80401000, 0x80001040, 0x80001040, 0x00000040, +- 0x80401040, 0x80000040, 0x80000000, 0x00001000, +- 0x80400000, 0x80001000, 0x00401040, 0x80400040, +- 0x80001000, 0x00001040, 0x00400000, 0x80401000, +- 0x00000040, 0x00400000, 0x00001000, 0x00401040, +- }, +- { +- 0x10000008, 0x10200000, 0x00002000, 0x10202008, /* 6 */ +- 0x10200000, 0x00000008, 0x10202008, 0x00200000, +- 0x10002000, 0x00202008, 0x00200000, 0x10000008, +- 0x00200008, 0x10002000, 0x10000000, 0x00002008, +- 0x00000000, 0x00200008, 0x10002008, 0x00002000, +- 0x00202000, 0x10002008, 0x00000008, 0x10200008, +- 0x10200008, 0x00000000, 0x00202008, 0x10202000, +- 0x00002008, 0x00202000, 0x10202000, 0x10000000, +- 0x10002000, 0x00000008, 0x10200008, 0x00202000, +- 0x10202008, 0x00200000, 0x00002008, 0x10000008, +- 0x00200000, 0x10002000, 0x10000000, 0x00002008, +- 0x10000008, 0x10202008, 0x00202000, 0x10200000, +- 0x00202008, 0x10202000, 0x00000000, 0x10200008, +- 0x00000008, 0x00002000, 0x10200000, 0x00202008, +- 0x00002000, 0x00200008, 0x10002008, 0x00000000, +- 0x10202000, 0x10000000, 0x00200008, 0x10002008, +- }, +- { +- 0x08000820, 0x00000800, 0x00020000, 0x08020820, /* 8 */ +- 0x08000000, 0x08000820, 0x00000020, 0x08000000, +- 0x00020020, 0x08020000, 0x08020820, 0x00020800, +- 0x08020800, 0x00020820, 0x00000800, 0x00000020, +- 0x08020000, 0x08000020, 0x08000800, 0x00000820, +- 0x00020800, 0x00020020, 0x08020020, 0x08020800, +- 0x00000820, 0x00000000, 0x00000000, 0x08020020, +- 0x08000020, 0x08000800, 0x00020820, 0x00020000, +- 0x00020820, 0x00020000, 0x08020800, 0x00000800, +- 0x00000020, 0x08020020, 0x00000800, 0x00020820, +- 0x08000800, 0x00000020, 0x08000020, 0x08020000, +- 0x08020020, 0x08000000, 0x00020000, 0x08000820, +- 0x00000000, 0x08020820, 0x00020020, 0x08000020, +- 0x08020000, 0x08000800, 0x08000820, 0x00000000, +- 0x08020820, 0x00020800, 0x00020800, 0x00000820, +- 0x00000820, 0x00020020, 0x08000000, 0x08020800, +- }, +- { +- 0x40084010, 0x40004000, 0x00004000, 0x00084010, /* 2 */ +- 0x00080000, 0x00000010, 0x40080010, 0x40004010, +- 0x40000010, 0x40084010, 0x40084000, 0x40000000, +- 0x40004000, 0x00080000, 0x00000010, 0x40080010, +- 0x00084000, 0x00080010, 0x40004010, 0x00000000, +- 0x40000000, 0x00004000, 0x00084010, 0x40080000, +- 0x00080010, 0x40000010, 0x00000000, 0x00084000, +- 0x00004010, 0x40084000, 0x40080000, 0x00004010, +- 0x00000000, 0x00084010, 0x40080010, 0x00080000, +- 0x40004010, 0x40080000, 0x40084000, 0x00004000, +- 0x40080000, 0x40004000, 0x00000010, 0x40084010, +- 0x00084010, 0x00000010, 0x00004000, 0x40000000, +- 0x00004010, 0x40084000, 0x00080000, 0x40000010, +- 0x00080010, 0x40004010, 0x40000010, 0x00080010, +- 0x00084000, 0x00000000, 0x40004000, 0x00004010, +- 0x40000000, 0x40080010, 0x40084010, 0x00084000 +- }, +-}; +diff --git a/src/lib/crypto/builtin/des/f_tables.h b/src/lib/crypto/builtin/des/f_tables.h +deleted file mode 100644 +index fc91b566c..000000000 +--- a/src/lib/crypto/builtin/des/f_tables.h ++++ /dev/null +@@ -1,285 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/f_tables.h */ +-/* +- * Copyright (C) 1990 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * DES implementation donated by Dennis Ferguson +- */ +- +-/* +- * des_tables.h - declarations to import the DES tables, used internally +- * by some of the library routines. +- */ +-#ifndef __DES_TABLES_H__ +-#define __DES_TABLES_H__ /* nothing */ +- +-#include "k5-platform.h" +-/* +- * These may be declared const if you wish. Be sure to change the +- * declarations in des_tables.c as well. +- */ +-extern const unsigned DES_INT32 des_IP_table[256]; +-extern const unsigned DES_INT32 des_FP_table[256]; +-extern const unsigned DES_INT32 des_SP_table[8][64]; +- +-/* +- * Use standard shortforms to reference these to save typing +- */ +-#define IP des_IP_table +-#define FP des_FP_table +-#define SP des_SP_table +- +-#ifdef DEBUG +-#define DEB(foofraw) printf foofraw +-#else +-#define DEB(foofraw) /* nothing */ +-#endif +- +-/* +- * Code to do a DES round using the tables. Note that the E expansion +- * is easy to compute algorithmically, especially if done out-of-order. +- * Take a look at its form and compare it to everything involving temp +- * below. Since SP[0-7] don't have any bits in common set it is okay +- * to do the successive xor's. +- * +- * Note too that the SP table has been reordered to match the order of +- * the keys (if the original order of SP was 12345678, the reordered +- * table is 71354682). This is unnecessary, but was done since some +- * compilers seem to like you going through the matrix from beginning +- * to end. +- * +- * There is a difference in the best way to do this depending on whether +- * one is encrypting or decrypting. If encrypting we move forward through +- * the keys and hence should move forward through the table. If decrypting +- * we go back. Part of the need for this comes from trying to emulate +- * existing software which generates a single key schedule and uses it +- * both for encrypting and decrypting. Generating separate encryption +- * and decryption key schedules would allow one to use the same code +- * for both. +- * +- * left, right and temp should be unsigned DES_INT32 values. left and right +- * should be the high and low order parts of the cipher block at the +- * current stage of processing (this makes sense if you read the spec). +- * kp should be an unsigned DES_INT32 pointer which points at the current +- * set of subkeys in the key schedule. It is advanced to the next set +- * (i.e. by 8 bytes) when this is done. +- * +- * This occurs in the innermost loop of the DES function. The four +- * variables should really be in registers. +- * +- * When using this, the inner loop of the DES function might look like: +- * +- * for (i = 0; i < 8; i++) { +- * DES_SP_{EN,DE}CRYPT_ROUND(left, right, temp, kp); +- * DES_SP_{EN,DE}CRYPT_ROUND(right, left, temp, kp); +- * } +- * +- * Note the trick above. You are supposed to do 16 rounds, swapping +- * left and right at the end of each round. By doing two rounds at +- * a time and swapping left and right in the code we can avoid the +- * swaps altogether. +- */ +-#define DES_SP_ENCRYPT_ROUND(left, right, temp, kp) do { \ +- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(kp)++; \ +- (left) ^= SP[0][((temp) >> 24) & 0x3f] \ +- | SP[1][((temp) >> 16) & 0x3f] \ +- | SP[2][((temp) >> 8) & 0x3f] \ +- | SP[3][((temp) ) & 0x3f]; \ +- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(kp)++; \ +- (left) ^= SP[4][((temp) >> 24) & 0x3f] \ +- | SP[5][((temp) >> 16) & 0x3f] \ +- | SP[6][((temp) >> 8) & 0x3f] \ +- | SP[7][((temp) ) & 0x3f]; \ +- } while(0); +- +-#define DES_SP_DECRYPT_ROUND(left, right, temp, kp) do { \ +- (temp) = (((right) >> 23) | ((right) << 9)) ^ *(--(kp)); \ +- (left) ^= SP[7][((temp) ) & 0x3f] \ +- | SP[6][((temp) >> 8) & 0x3f] \ +- | SP[5][((temp) >> 16) & 0x3f] \ +- | SP[4][((temp) >> 24) & 0x3f]; \ +- (temp) = (((right) >> 11) | ((right) << 21)) ^ *(--(kp)); \ +- (left) ^= SP[3][((temp) ) & 0x3f] \ +- | SP[2][((temp) >> 8) & 0x3f] \ +- | SP[1][((temp) >> 16) & 0x3f] \ +- | SP[0][((temp) >> 24) & 0x3f]; \ +- } while (0); +- +-/* +- * Macros to help deal with the initial permutation table. Note +- * the IP table only deals with 32 bits at a time, allowing us to +- * collect the bits we need to deal with each half into an unsigned +- * DES_INT32. By carefully selecting how the bits are ordered we also +- * take advantages of symmetries in the table so that we can use a +- * single table to compute the permutation of all bytes. This sounds +- * complicated, but if you go through the process of designing the +- * table you'll find the symmetries fall right out. +- * +- * The follow macros compute the set of bits used to index the +- * table for produce the left and right permuted result. +- * +- * The inserted cast to unsigned DES_INT32 circumvents a bug in +- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and +- * propagates the high-order bit in the shift. +- */ +-#define DES_IP_LEFT_BITS(left, right) \ +- ((((left) & 0x55555555) << 1) | ((right) & 0x55555555)) +-#define DES_IP_RIGHT_BITS(left, right) \ +- (((left) & 0xaaaaaaaa) | \ +- ( ( (unsigned DES_INT32) ((right) & 0xaaaaaaaa) ) >> 1)) +- +-/* +- * The following macro does an in-place initial permutation given +- * the current left and right parts of the block and a single +- * temporary. Use this more as a guide for rolling your own, though. +- * The best way to do the IP depends on the form of the data you +- * are dealing with. If you use this, though, try to make left, +- * right and temp unsigned DES_INT32s. +- */ +-#define DES_INITIAL_PERM(left, right, temp) do { \ +- (temp) = DES_IP_RIGHT_BITS((left), (right)); \ +- (right) = DES_IP_LEFT_BITS((left), (right)); \ +- (left) = IP[((right) >> 24) & 0xff] \ +- | (IP[((right) >> 16) & 0xff] << 1) \ +- | (IP[((right) >> 8) & 0xff] << 2) \ +- | (IP[(right) & 0xff] << 3); \ +- (right) = IP[((temp) >> 24) & 0xff] \ +- | (IP[((temp) >> 16) & 0xff] << 1) \ +- | (IP[((temp) >> 8) & 0xff] << 2) \ +- | (IP[(temp) & 0xff] << 3); \ +- } while(0); +- +-/* +- * Now the final permutation stuff. The same comments apply to +- * this as to the initial permutation, except that we use different +- * bits and shifts. +- * +- * The inserted cast to unsigned DES_INT32 circumvents a bug in +- * the Macintosh MPW 3.2 C compiler which loses the unsignedness and +- * propagates the high-order bit in the shift. +- */ +-#define DES_FP_LEFT_BITS(left, right) \ +- ((((left) & 0x0f0f0f0f) << 4) | ((right) & 0x0f0f0f0f)) +-#define DES_FP_RIGHT_BITS(left, right) \ +- (((left) & 0xf0f0f0f0) | \ +- ( ( (unsigned DES_INT32) ((right) & 0xf0f0f0f0) ) >> 4)) +- +- +-/* +- * Here is a sample final permutation. Note that there is a trick +- * here. DES requires swapping the left and right parts after the +- * last cipher round but before the final permutation. We do this +- * swapping internally, which is why left and right are confused +- * at the beginning. +- */ +-#define DES_FINAL_PERM(left, right, temp) do { \ +- (temp) = DES_FP_RIGHT_BITS((right), (left)); \ +- (right) = DES_FP_LEFT_BITS((right), (left)); \ +- (left) = (FP[((right) >> 24) & 0xff] << 6) \ +- | (FP[((right) >> 16) & 0xff] << 4) \ +- | (FP[((right) >> 8) & 0xff] << 2) \ +- | FP[(right) & 0xff]; \ +- (right) = (FP[((temp) >> 24) & 0xff] << 6) \ +- | (FP[((temp) >> 16) & 0xff] << 4) \ +- | (FP[((temp) >> 8) & 0xff] << 2) \ +- | FP[temp & 0xff]; \ +- } while(0); +- +- +-/* +- * Finally, as a sample of how all this might be held together, the +- * following two macros do in-place encryptions and decryptions. left +- * and right are two unsigned DES_INT32 variables which at the beginning +- * are expected to hold the clear (encrypted) block in host byte order +- * (left the high order four bytes, right the low order). At the end +- * they will contain the encrypted (clear) block. temp is an unsigned DES_INT32 +- * used as a temporary. kp is an unsigned DES_INT32 pointer pointing at +- * the start of the key schedule. All these should be in registers. +- * +- * You can probably do better than these by rewriting for particular +- * situations. These aren't bad, though. +- * +- * The DEB macros enable debugging when this code breaks (typically +- * when a buggy compiler breaks it), by printing the intermediate values +- * at each stage of the encryption, so that by comparing the output to +- * a known good machine, the location of the first error can be found. +- */ +-#define DES_DO_ENCRYPT_1(left, right, kp) \ +- do { \ +- int i; \ +- unsigned DES_INT32 temp1; \ +- DEB (("do_encrypt %8lX %8lX \n", left, right)); \ +- DES_INITIAL_PERM((left), (right), (temp1)); \ +- DEB ((" after IP %8lX %8lX\n", left, right)); \ +- for (i = 0; i < 8; i++) { \ +- DES_SP_ENCRYPT_ROUND((left), (right), (temp1), (kp)); \ +- DEB ((" round %2d %8lX %8lX \n", i*2, left, right)); \ +- DES_SP_ENCRYPT_ROUND((right), (left), (temp1), (kp)); \ +- DEB ((" round %2d %8lX %8lX \n", 1+i*2, left, right)); \ +- } \ +- DES_FINAL_PERM((left), (right), (temp1)); \ +- (kp) -= (2 * 16); \ +- DEB ((" after FP %8lX %8lX \n", left, right)); \ +- } while (0) +- +-#define DES_DO_DECRYPT_1(left, right, kp) \ +- do { \ +- int i; \ +- unsigned DES_INT32 temp2; \ +- DES_INITIAL_PERM((left), (right), (temp2)); \ +- (kp) += (2 * 16); \ +- for (i = 0; i < 8; i++) { \ +- DES_SP_DECRYPT_ROUND((left), (right), (temp2), (kp)); \ +- DES_SP_DECRYPT_ROUND((right), (left), (temp2), (kp)); \ +- } \ +- DES_FINAL_PERM((left), (right), (temp2)); \ +- } while (0) +- +-#if defined(CONFIG_SMALL) && !defined(CONFIG_SMALL_NO_CRYPTO) +-extern void krb5int_des_do_encrypt_2(unsigned DES_INT32 *l, +- unsigned DES_INT32 *r, +- const unsigned DES_INT32 *k); +-extern void krb5int_des_do_decrypt_2(unsigned DES_INT32 *l, +- unsigned DES_INT32 *r, +- const unsigned DES_INT32 *k); +-#define DES_DO_ENCRYPT(L,R,K) krb5int_des_do_encrypt_2(&(L), &(R), (K)) +-#define DES_DO_DECRYPT(L,R,K) krb5int_des_do_decrypt_2(&(L), &(R), (K)) +-#else +-#define DES_DO_ENCRYPT DES_DO_ENCRYPT_1 +-#define DES_DO_DECRYPT DES_DO_DECRYPT_1 +-#endif +- +-/* +- * These are handy dandy utility thingies for straightening out bytes. +- * Included here because they're used a couple of places. +- */ +-#define GET_HALF_BLOCK(lr, ip) ((lr) = load_32_be(ip), (ip) += 4) +-#define PUT_HALF_BLOCK(lr, op) (store_32_be(lr, op), (op) += 4) +- +-/* Shorthand that we'll need in several places, for creating values that +- really can hold 32 bits regardless of the prevailing int size. */ +-#define FF_UINT32 ((unsigned DES_INT32) 0xFF) +- +-#endif /* __DES_TABLES_H__ */ +diff --git a/src/lib/crypto/builtin/des/key_sched.c b/src/lib/crypto/builtin/des/key_sched.c +deleted file mode 100644 +index 87f02b6a9..000000000 +--- a/src/lib/crypto/builtin/des/key_sched.c ++++ /dev/null +@@ -1,62 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/key_sched.c */ +-/* +- * Copyright 1985, 1986, 1987, 1988, 1990 by the Massachusetts Institute +- * of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * This routine computes the DES key schedule given a key. The +- * permutations and shifts have been done at compile time, resulting +- * in a direct one-step mapping from the input key to the key +- * schedule. +- * +- * Also checks parity and weak keys. +- * +- * Watch out for the subscripts -- most effectively start at 1 instead +- * of at zero. Maybe some bugs in that area. +- * +- * In case the user wants to cache the computed key schedule, it is +- * passed as an arg. Also implies that caller has explicit control +- * over zeroing both the key schedule and the key. +- * +- * Originally written 6/85 by Steve Miller, MIT Project Athena. +- */ +- +-#include "k5-int.h" +-#include "des_int.h" +- +-int +-mit_des_key_sched(mit_des_cblock k, mit_des_key_schedule schedule) +-{ +- mit_des_make_key_sched(k,schedule); +- +- if (!mit_des_check_key_parity(k)) /* bad parity --> return -1 */ +- return(-1); +- +- if (mit_des_is_weak_key(k)) +- return(-2); +- +- /* if key was good, return 0 */ +- return 0; +-} +diff --git a/src/lib/crypto/builtin/des/keytest.data b/src/lib/crypto/builtin/des/keytest.data +deleted file mode 100644 +index 7ff34eedc..000000000 +--- a/src/lib/crypto/builtin/des/keytest.data ++++ /dev/null +@@ -1,171 +0,0 @@ +-0101010101010101 95F8A5E5DD31D900 8000000000000000 +-0101010101010101 DD7F121CA5015619 4000000000000000 +-0101010101010101 2E8653104F3834EA 2000000000000000 +-0101010101010101 4BD388FF6CD81D4F 1000000000000000 +-0101010101010101 20B9E767B2FB1456 0800000000000000 +-0101010101010101 55579380D77138EF 0400000000000000 +-0101010101010101 6CC5DEFAAF04512F 0200000000000000 +-0101010101010101 0D9F279BA5D87260 0100000000000000 +-0101010101010101 D9031B0271BD5A0A 0080000000000000 +-0101010101010101 424250B37C3DD951 0040000000000000 +-0101010101010101 B8061B7ECD9A21E5 0020000000000000 +-0101010101010101 F15D0F286B65BD28 0010000000000000 +-0101010101010101 ADD0CC8D6E5DEBA1 0008000000000000 +-0101010101010101 E6D5F82752AD63D1 0004000000000000 +-0101010101010101 ECBFE3BD3F591A5E 0002000000000000 +-0101010101010101 F356834379D165CD 0001000000000000 +-0101010101010101 2B9F982F20037FA9 0000800000000000 +-0101010101010101 889DE068A16F0BE6 0000400000000000 +-0101010101010101 E19E275D846A1298 0000200000000000 +-0101010101010101 329A8ED523D71AEC 0000100000000000 +-0101010101010101 E7FCE22557D23C97 0000080000000000 +-0101010101010101 12A9F5817FF2D65D 0000040000000000 +-0101010101010101 A484C3AD38DC9C19 0000020000000000 +-0101010101010101 FBE00A8A1EF8AD72 0000010000000000 +-0101010101010101 750D079407521363 0000008000000000 +-0101010101010101 64FEED9C724C2FAF 0000004000000000 +-0101010101010101 F02B263B328E2B60 0000002000000000 +-0101010101010101 9D64555A9A10B852 0000001000000000 +-0101010101010101 D106FF0BED5255D7 0000000800000000 +-0101010101010101 E1652C6B138C64A5 0000000400000000 +-0101010101010101 E428581186EC8F46 0000000200000000 +-0101010101010101 AEB5F5EDE22D1A36 0000000100000000 +-0101010101010101 E943D7568AEC0C5C 0000000080000000 +-0101010101010101 DF98C8276F54B04B 0000000040000000 +-0101010101010101 B160E4680F6C696F 0000000020000000 +-0101010101010101 FA0752B07D9C4AB8 0000000010000000 +-0101010101010101 CA3A2B036DBC8502 0000000008000000 +-0101010101010101 5E0905517BB59BCF 0000000004000000 +-0101010101010101 814EEB3B91D90726 0000000002000000 +-0101010101010101 4D49DB1532919C9F 0000000001000000 +-0101010101010101 25EB5FC3F8CF0621 0000000000800000 +-0101010101010101 AB6A20C0620D1C6F 0000000000400000 +-0101010101010101 79E90DBC98F92CCA 0000000000200000 +-0101010101010101 866ECEDD8072BB0E 0000000000100000 +-0101010101010101 8B54536F2F3E64A8 0000000000080000 +-0101010101010101 EA51D3975595B86B 0000000000040000 +-0101010101010101 CAFFC6AC4542DE31 0000000000020000 +-0101010101010101 8DD45A2DDF90796C 0000000000010000 +-0101010101010101 1029D55E880EC2D0 0000000000008000 +-0101010101010101 5D86CB23639DBEA9 0000000000004000 +-0101010101010101 1D1CA853AE7C0C5F 0000000000002000 +-0101010101010101 CE332329248F3228 0000000000001000 +-0101010101010101 8405D1ABE24FB942 0000000000000800 +-0101010101010101 E643D78090CA4207 0000000000000400 +-0101010101010101 48221B9937748A23 0000000000000200 +-0101010101010101 DD7C0BBD61FAFD54 0000000000000100 +-0101010101010101 2FBC291A570DB5C4 0000000000000080 +-0101010101010101 E07C30D7E4E26E12 0000000000000040 +-0101010101010101 0953E2258E8E90A1 0000000000000020 +-0101010101010101 5B711BC4CEEBF2EE 0000000000000010 +-0101010101010101 CC083F1E6D9E85F6 0000000000000008 +-0101010101010101 D2FD8867D50D2DFE 0000000000000004 +-0101010101010101 06E7EA22CE92708F 0000000000000002 +-0101010101010101 166B40B44ABA4BD6 0000000000000001 +-8001010101010101 0000000000000000 95A8D72813DAA94D +-4001010101010101 0000000000000000 0EEC1487DD8C26D5 +-2001010101010101 0000000000000000 7AD16FFB79C45926 +-1001010101010101 0000000000000000 D3746294CA6A6CF3 +-0801010101010101 0000000000000000 809F5F873C1FD761 +-0401010101010101 0000000000000000 C02FAFFEC989D1FC +-0201010101010101 0000000000000000 4615AA1D33E72F10 +-0180010101010101 0000000000000000 2055123350C00858 +-0140010101010101 0000000000000000 DF3B99D6577397C8 +-0120010101010101 0000000000000000 31FE17369B5288C9 +-0110010101010101 0000000000000000 DFDD3CC64DAE1642 +-0108010101010101 0000000000000000 178C83CE2B399D94 +-0104010101010101 0000000000000000 50F636324A9B7F80 +-0102010101010101 0000000000000000 A8468EE3BC18F06D +-0101800101010101 0000000000000000 A2DC9E92FD3CDE92 +-0101400101010101 0000000000000000 CAC09F797D031287 +-0101200101010101 0000000000000000 90BA680B22AEB525 +-0101100101010101 0000000000000000 CE7A24F350E280B6 +-0101080101010101 0000000000000000 882BFF0AA01A0B87 +-0101040101010101 0000000000000000 25610288924511C2 +-0101020101010101 0000000000000000 C71516C29C75D170 +-0101018001010101 0000000000000000 5199C29A52C9F059 +-0101014001010101 0000000000000000 C22F0A294A71F29F +-0101012001010101 0000000000000000 EE371483714C02EA +-0101011001010101 0000000000000000 A81FBD448F9E522F +-0101010801010101 0000000000000000 4F644C92E192DFED +-0101010401010101 0000000000000000 1AFA9A66A6DF92AE +-0101010201010101 0000000000000000 B3C1CC715CB879D8 +-0101010180010101 0000000000000000 19D032E64AB0BD8B +-0101010140010101 0000000000000000 3CFAA7A7DC8720DC +-0101010120010101 0000000000000000 B7265F7F447AC6F3 +-0101010110010101 0000000000000000 9DB73B3C0D163F54 +-0101010108010101 0000000000000000 8181B65BABF4A975 +-0101010104010101 0000000000000000 93C9B64042EAA240 +-0101010102010101 0000000000000000 5570530829705592 +-0101010101800101 0000000000000000 8638809E878787A0 +-0101010101400101 0000000000000000 41B9A79AF79AC208 +-0101010101200101 0000000000000000 7A9BE42F2009A892 +-0101010101100101 0000000000000000 29038D56BA6D2745 +-0101010101080101 0000000000000000 5495C6ABF1E5DF51 +-0101010101040101 0000000000000000 AE13DBD561488933 +-0101010101020101 0000000000000000 024D1FFA8904E389 +-0101010101018001 0000000000000000 D1399712F99BF02E +-0101010101014001 0000000000000000 14C1D7C1CFFEC79E +-0101010101012001 0000000000000000 1DE5279DAE3BED6F +-0101010101011001 0000000000000000 E941A33F85501303 +-0101010101010801 0000000000000000 DA99DBBC9A03F379 +-0101010101010401 0000000000000000 B7FC92F91D8E92E9 +-0101010101010201 0000000000000000 AE8E5CAA3CA04E85 +-0101010101010180 0000000000000000 9CC62DF43B6EED74 +-0101010101010140 0000000000000000 D863DBB5C59A91A0 +-0101010101010120 0000000000000000 A1AB2190545B91D7 +-0101010101010110 0000000000000000 0875041E64C570F7 +-0101010101010108 0000000000000000 5A594528BEBEF1CC +-0101010101010104 0000000000000000 FCDB3291DE21F0C0 +-0101010101010102 0000000000000000 869EFD7F9F265A09 +-1046913489980131 0000000000000000 88D55E54F54C97B4 +-1007103489988020 0000000000000000 0C0CC00C83EA48FD +-10071034C8980120 0000000000000000 83BC8EF3A6570183 +-1046103489988020 0000000000000000 DF725DCAD94EA2E9 +-1086911519190101 0000000000000000 E652B53B550BE8B0 +-1086911519580101 0000000000000000 AF527120C485CBB0 +-5107B01519580101 0000000000000000 0F04CE393DB926D5 +-1007B01519190101 0000000000000000 C9F00FFC74079067 +-3107915498080101 0000000000000000 7CFD82A593252B4E +-3107919498080101 0000000000000000 CB49A2F9E91363E3 +-10079115B9080140 0000000000000000 00B588BE70D23F56 +-3107911598080140 0000000000000000 406A9A6AB43399AE +-1007D01589980101 0000000000000000 6CB773611DCA9ADA +-9107911589980101 0000000000000000 67FD21C17DBB5D70 +-9107D01589190101 0000000000000000 9592CB4110430787 +-1007D01598980120 0000000000000000 A6B7FF68A318DDD3 +-1007940498190101 0000000000000000 4D102196C914CA16 +-0107910491190401 0000000000000000 2DFA9F4573594965 +-0107910491190101 0000000000000000 B46604816C0E0774 +-0107940491190401 0000000000000000 6E7E6221A4F34E87 +-19079210981A0101 0000000000000000 AA85E74643233199 +-1007911998190801 0000000000000000 2E5A19DB4D1962D6 +-10079119981A0801 0000000000000000 23A866A809D30894 +-1007921098190101 0000000000000000 D812D961F017D320 +-100791159819010B 0000000000000000 055605816E58608F +-1004801598190101 0000000000000000 ABD88E8B1B7716F1 +-1004801598190102 0000000000000000 537AC95BE69DA1E1 +-1004801598190108 0000000000000000 AED0F6AE3C25CDD8 +-1002911598100104 0000000000000000 B3E35A5EE53E7B8D +-1002911598190104 0000000000000000 61C79C71921A2EF8 +-1002911598100201 0000000000000000 E2F5728F0995013C +-1002911698100101 0000000000000000 1AEAC39A61F0A464 +-7CA110454A1A6E57 01A1D6D039776742 690F5B0D9A26939B +-0131D9619DC1376E 5CD54CA83DEF57DA 7A389D10354BD271 +-07A1133E4A0B2686 0248D43806F67172 868EBB51CAB4599A +-3849674C2602319E 51454B582DDF440A 7178876E01F19B2A +-04B915BA43FEB5B6 42FD443059577FA2 AF37FB421F8C4095 +-0113B970FD34F2CE 059B5E0851CF143A 86A560F10EC6D85B +-0170F175468FB5E6 0756D8E0774761D2 0CD3DA020021DC09 +-43297FAD38E373FE 762514B829BF486A EA676B2CB7DB2B7A +-07A7137045DA2A16 3BDD119049372802 DFD64A815CAF1A0F +-04689104C2FD3B2F 26955F6835AF609A 5C513C9C4886C088 +-37D06BB516CB7546 164D5E404F275232 0A2AEEAE3FF4AB77 +-1F08260D1AC2465E 6B056E18759F5CCA EF1BF03E5DFA575A +-584023641ABA6176 004BD6EF09176062 88BF0DB6D70DEE56 +-025816164629B007 480D39006EE762F2 A1F9915541020B56 +-49793EBC79B3258F 437540C8698F3CFA 6FBF1CAFCFFD0556 +-4FB05E1515AB73A7 072D43A077075292 2F22E49BAB7CA1AC +-49E95D6D4CA229BF 02FE55778117F12A 5A6B612CC26CCE4A +-018310DC409B26D6 1D9D5C5018F728C2 5F4C038ED12B2E41 +-1C587F1C13924FEF 305532286D6F295A 63FAC0D034D9F793 +diff --git a/src/lib/crypto/builtin/des/t_verify.c b/src/lib/crypto/builtin/des/t_verify.c +deleted file mode 100644 +index 4a19933ca..000000000 +--- a/src/lib/crypto/builtin/des/t_verify.c ++++ /dev/null +@@ -1,395 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/t_verify.c */ +-/* +- * Copyright 1988, 1990 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-/* +- * +- * Program to test the correctness of the DES library +- * implementation. +- * +- * exit returns 0 ==> success +- * -1 ==> error +- */ +- +-#include "k5-int.h" +-#include "des_int.h" +-#include +-#include "com_err.h" +- +-static void do_encrypt(unsigned char *, unsigned char *); +-static void do_decrypt(unsigned char *, unsigned char *); +- +-char *progname; +-int nflag = 2; +-int vflag; +-int mflag; +-int zflag; +-int pid; +-int mit_des_debug; +- +-unsigned char cipher_text[64]; +-unsigned char clear_text[64] = "Now is the time for all " ; +-unsigned char clear_text2[64] = "7654321 Now is the time for "; +-unsigned char clear_text3[64] = {2,0,0,0, 1,0,0,0}; +-unsigned char output[64]; +-unsigned char zero_text[8] = {0x0,0,0,0,0,0,0,0}; +-unsigned char msb_text[8] = {0x0,0,0,0, 0,0,0,0x40}; /* to ANSI MSB */ +-unsigned char *input; +- +-/* 0x0123456789abcdef */ +-unsigned char default_key[8] = { +- 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef +-}; +-unsigned char key2[8] = { 0x08,0x19,0x2a,0x3b,0x4c,0x5d,0x6e,0x7f }; +-unsigned char key3[8] = { 0x80,1,1,1,1,1,1,1 }; +-mit_des_cblock s_key; +-unsigned char default_ivec[8] = { +- 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef +-}; +-unsigned char *ivec; +-unsigned char zero_key[8] = {1,1,1,1,1,1,1,1}; /* just parity bits */ +- +-unsigned char cipher1[8] = { +- 0x25,0xdd,0xac,0x3e,0x96,0x17,0x64,0x67 +-}; +-unsigned char cipher2[8] = { +- 0x3f,0xa4,0x0e,0x8a,0x98,0x4d,0x48,0x15 +-}; +-unsigned char cipher3[64] = { +- 0xe5,0xc7,0xcd,0xde,0x87,0x2b,0xf2,0x7c, +- 0x43,0xe9,0x34,0x00,0x8c,0x38,0x9c,0x0f, +- 0x68,0x37,0x88,0x49,0x9a,0x7c,0x05,0xf6 +-}; +-unsigned char checksum[8] = { +- 0x58,0xd2,0xe7,0x7e,0x86,0x06,0x27,0x33 +-}; +- +-unsigned char zresult[8] = { +- 0x8c, 0xa6, 0x4d, 0xe9, 0xc1, 0xb1, 0x23, 0xa7 +-}; +- +-unsigned char mresult[8] = { +- 0xa3, 0x80, 0xe0, 0x2a, 0x6b, 0xe5, 0x46, 0x96 +-}; +- +- +-/* +- * Can also add : +- * plaintext = 0, key = 0, cipher = 0x8ca64de9c1b123a7 (or is it a 1?) +- */ +- +-mit_des_key_schedule sched; +- +-int +-main(argc,argv) +- int argc; +- char *argv[]; +-{ +- /* Local Declarations */ +- size_t in_length; +- int retval; +- int i, j; +- +-#ifdef WINDOWS +- /* Set screen window buffer to infinite size -- MS default is tiny. */ +- _wsetscreenbuf (fileno (stdout), _WINBUFINF); +-#endif +- progname=argv[0]; /* salt away invoking program */ +- +- while (--argc > 0 && (*++argv)[0] == '-') +- for (i=1; argv[0][i] != '\0'; i++) { +- switch (argv[0][i]) { +- +- /* debug flag */ +- case 'd': +- mit_des_debug=3; +- continue; +- +- case 'z': +- zflag = 1; +- continue; +- +- case 'm': +- mflag = 1; +- continue; +- +- default: +- printf("%s: illegal flag \"%c\" ", +- progname,argv[0][i]); +- exit(1); +- } +- }; +- +- if (argc) { +- fprintf(stderr, "Usage: %s [-dmz]\n", progname); +- exit(1); +- } +- +- /* do some initialisation */ +- +- /* use known input and key */ +- +- /* ECB zero text zero key */ +- if (zflag) { +- input = zero_text; +- mit_des_key_sched(zero_key, sched); +- printf("plaintext = key = 0, cipher = 0x8ca64de9c1b123a7\n"); +- do_encrypt(input,cipher_text); +- printf("\tcipher = (low to high bytes)\n\t\t"); +- for (j = 0; j<=7; j++) +- printf("%02x ",cipher_text[j]); +- printf("\n"); +- do_decrypt(output,cipher_text); +- if ( memcmp((char *)cipher_text, (char *)zresult, 8) ) { +- printf("verify: error in zero key test\n"); +- exit(-1); +- } +- +- exit(0); +- } +- +- if (mflag) { +- input = msb_text; +- mit_des_key_sched(key3, sched); +- printf("plaintext = 0x00 00 00 00 00 00 00 40, "); +- printf("key = 0x80 01 01 01 01 01 01 01\n"); +- printf(" cipher = 0xa380e02a6be54696\n"); +- do_encrypt(input,cipher_text); +- printf("\tcipher = (low to high bytes)\n\t\t"); +- for (j = 0; j<=7; j++) { +- printf("%02x ",cipher_text[j]); +- } +- printf("\n"); +- do_decrypt(output,cipher_text); +- if ( memcmp((char *)cipher_text, (char *)mresult, 8) ) { +- printf("verify: error in msb test\n"); +- exit(-1); +- } +- exit(0); +- } +- +- /* ECB mode Davies and Price */ +- { +- input = zero_text; +- mit_des_key_sched(key2, sched); +- printf("Examples per FIPS publication 81, keys ivs and cipher\n"); +- printf("in hex. These are the correct answers, see below for\n"); +- printf("the actual answers.\n\n"); +- printf("Examples per Davies and Price.\n\n"); +- printf("EXAMPLE ECB\tkey = 08192a3b4c5d6e7f\n"); +- printf("\tclear = 0\n"); +- printf("\tcipher = 25 dd ac 3e 96 17 64 67\n"); +- printf("ACTUAL ECB\n"); +- printf("\tclear \"%s\"\n", input); +- do_encrypt(input,cipher_text); +- printf("\tcipher = (low to high bytes)\n\t\t"); +- for (j = 0; j<=7; j++) +- printf("%02x ",cipher_text[j]); +- printf("\n\n"); +- do_decrypt(output,cipher_text); +- if ( memcmp((char *)cipher_text, (char *)cipher1, 8) ) { +- printf("verify: error in ECB encryption\n"); +- exit(-1); +- } +- else +- printf("verify: ECB encryption is correct\n\n"); +- } +- +- /* ECB mode */ +- { +- mit_des_key_sched(default_key, sched); +- input = clear_text; +- ivec = default_ivec; +- printf("EXAMPLE ECB\tkey = 0123456789abcdef\n"); +- printf("\tclear = \"Now is the time for all \"\n"); +- printf("\tcipher = 3f a4 0e 8a 98 4d 48 15 ...\n"); +- printf("ACTUAL ECB\n\tclear \"%s\"",input); +- do_encrypt(input,cipher_text); +- printf("\n\tcipher = (low to high bytes)\n\t\t"); +- for (j = 0; j<=7; j++) { +- printf("%02x ",cipher_text[j]); +- } +- printf("\n\n"); +- do_decrypt(output,cipher_text); +- if ( memcmp((char *)cipher_text, (char *)cipher2, 8) ) { +- printf("verify: error in ECB encryption\n"); +- exit(-1); +- } +- else +- printf("verify: ECB encryption is correct\n\n"); +- } +- +- /* CBC mode */ +- printf("EXAMPLE CBC\tkey = 0123456789abcdef"); +- printf("\tiv = 1234567890abcdef\n"); +- printf("\tclear = \"Now is the time for all \"\n"); +- printf("\tcipher =\te5 c7 cd de 87 2b f2 7c\n"); +- printf("\t\t\t43 e9 34 00 8c 38 9c 0f\n"); +- printf("\t\t\t68 37 88 49 9a 7c 05 f6\n"); +- +- printf("ACTUAL CBC\n\tclear \"%s\"\n",input); +- in_length = strlen((char *)input); +- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) input, +- (mit_des_cblock *) cipher_text, +- (size_t) in_length, +- sched, +- ivec, +- MIT_DES_ENCRYPT))) { +- com_err("des verify", retval, "can't encrypt"); +- exit(-1); +- } +- printf("\tciphertext = (low to high bytes)\n"); +- for (i = 0; i <= 2; i++) { +- printf("\t\t"); +- for (j = 0; j <= 7; j++) { +- printf("%02x ",cipher_text[i*8+j]); +- } +- printf("\n"); +- } +- if ((retval = mit_des_cbc_encrypt((const mit_des_cblock *) cipher_text, +- (mit_des_cblock *) clear_text, +- (size_t) in_length, +- sched, +- ivec, +- MIT_DES_DECRYPT))) { +- com_err("des verify", retval, "can't decrypt"); +- exit(-1); +- } +- printf("\tdecrypted clear_text = \"%s\"\n",clear_text); +- +- if ( memcmp((char *)cipher_text, (char *)cipher3, in_length) ) { +- printf("verify: error in CBC encryption\n"); +- exit(-1); +- } +- else +- printf("verify: CBC encryption is correct\n\n"); +- +- printf("EXAMPLE CBC checksum"); +- printf("\tkey = 0123456789abcdef\tiv = 1234567890abcdef\n"); +- printf("\tclear =\t\t\"7654321 Now is the time for \"\n"); +- printf("\tchecksum\t58 d2 e7 7e 86 06 27 33, "); +- printf("or some part thereof\n"); +- input = clear_text2; +- mit_des_cbc_cksum(input,cipher_text, strlen((char *)input), +- sched,ivec); +- printf("ACTUAL CBC checksum\n"); +- printf("\t\tencrypted cksum = (low to high bytes)\n\t\t"); +- for (j = 0; j<=7; j++) +- printf("%02x ",cipher_text[j]); +- printf("\n\n"); +- if ( memcmp((char *)cipher_text, (char *)checksum, 8) ) { +- printf("verify: error in CBC checksum\n"); +- exit(-1); +- } +- else +- printf("verify: CBC checksum is correct\n\n"); +- +- exit(0); +-} +- +-static void +-do_encrypt(in,out) +- unsigned char *in; +- unsigned char *out; +-{ +- int i, j; +- for (i =1; i<=nflag; i++) { +- mit_des_cbc_encrypt((const mit_des_cblock *)in, +- (mit_des_cblock *)out, +- 8, +- sched, +- zero_text, +- MIT_DES_ENCRYPT); +- if (mit_des_debug) { +- printf("\nclear %s\n",in); +- for (j = 0; j<=7; j++) +- printf("%02X ",in[j] & 0xff); +- printf("\tcipher "); +- for (j = 0; j<=7; j++) +- printf("%02X ",out[j] & 0xff); +- } +- } +-} +- +-static void +-do_decrypt(in,out) +- unsigned char *out; +- unsigned char *in; +- /* try to invert it */ +-{ +- int i, j; +- for (i =1; i<=nflag; i++) { +- mit_des_cbc_encrypt((const mit_des_cblock *)out, +- (mit_des_cblock *)in, +- 8, +- sched, +- zero_text, +- MIT_DES_DECRYPT); +- if (mit_des_debug) { +- printf("clear %s\n",in); +- for (j = 0; j<=7; j++) +- printf("%02X ",in[j] & 0xff); +- printf("\tcipher "); +- for (j = 0; j<=7; j++) +- printf("%02X ",out[j] & 0xff); +- } +- } +-} +- +-/* +- * Fake out the DES library, for the purposes of testing. +- */ +- +-int +-mit_des_is_weak_key(key) +- mit_des_cblock key; +-{ +- return 0; /* fake it out for testing */ +-} +diff --git a/src/lib/crypto/builtin/des/weak_key.c b/src/lib/crypto/builtin/des/weak_key.c +deleted file mode 100644 +index eb41b267d..000000000 +--- a/src/lib/crypto/builtin/des/weak_key.c ++++ /dev/null +@@ -1,86 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/builtin/des/weak_key.c */ +-/* +- * Copyright 1989,1990 by the Massachusetts Institute of Technology. +- * All Rights Reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-/* +- * Under U.S. law, this software may not be exported outside the US +- * without license from the U.S. Commerce department. +- * +- * These routines form the library interface to the DES facilities. +- * +- * Originally written 8/85 by Steve Miller, MIT Project Athena. +- */ +- +-#include "k5-int.h" +-#include "des_int.h" +- +-/* +- * The following are the weak DES keys: +- */ +-static const mit_des_cblock weak[16] = { +- /* weak keys */ +- {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01}, +- {0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe,0xfe}, +- {0x1f,0x1f,0x1f,0x1f,0x0e,0x0e,0x0e,0x0e}, +- {0xe0,0xe0,0xe0,0xe0,0xf1,0xf1,0xf1,0xf1}, +- +- /* semi-weak */ +- {0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe}, +- {0xfe,0x01,0xfe,0x01,0xfe,0x01,0xfe,0x01}, +- +- {0x1f,0xe0,0x1f,0xe0,0x0e,0xf1,0x0e,0xf1}, +- {0xe0,0x1f,0xe0,0x1f,0xf1,0x0e,0xf1,0x0e}, +- +- {0x01,0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1}, +- {0xe0,0x01,0xe0,0x01,0xf1,0x01,0xf1,0x01}, +- +- {0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e,0xfe}, +- {0xfe,0x1f,0xfe,0x1f,0xfe,0x0e,0xfe,0x0e}, +- +- {0x01,0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e}, +- {0x1f,0x01,0x1f,0x01,0x0e,0x01,0x0e,0x01}, +- +- {0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1,0xfe}, +- {0xfe,0xe0,0xfe,0xe0,0xfe,0xf1,0xfe,0xf1} +-}; +- +-/* +- * mit_des_is_weak_key: returns true iff key is a [semi-]weak des key. +- * +- * Requires: key has correct odd parity. +- */ +-int +-mit_des_is_weak_key(mit_des_cblock key) +-{ +- unsigned int i; +- const mit_des_cblock *weak_p = weak; +- +- for (i = 0; i < (sizeof(weak)/sizeof(mit_des_cblock)); i++) { +- if (!memcmp(weak_p++,key,sizeof(mit_des_cblock))) +- return 1; +- } +- +- return 0; +-} +diff --git a/src/lib/crypto/builtin/enc_provider/Makefile.in b/src/lib/crypto/builtin/enc_provider/Makefile.in +index 3459e1d0e..af6276b96 100644 +--- a/src/lib/crypto/builtin/enc_provider/Makefile.in ++++ b/src/lib/crypto/builtin/enc_provider/Makefile.in +@@ -1,7 +1,6 @@ + mydir=lib$(S)crypto$(S)builtin$(S)enc_provider + BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +-LOCALINCLUDES = -I$(srcdir)/../des \ +- -I$(srcdir)/../aes \ ++LOCALINCLUDES = -I$(srcdir)/../aes \ + -I$(srcdir)/../camellia \ + -I$(srcdir)/../../krb \ + -I$(srcdir)/.. +@@ -11,19 +10,16 @@ LOCALINCLUDES = -I$(srcdir)/../des \ + ##DOS##OBJFILE = ..\..\$(OUTPRE)enc_provider.lst + + STLIBOBJS= \ +- des3.o \ + rc4.o \ + aes.o \ + camellia.o + + OBJS= \ +- $(OUTPRE)des3.$(OBJEXT) \ + $(OUTPRE)aes.$(OBJEXT) \ + $(OUTPRE)camellia.$(OBJEXT) \ + $(OUTPRE)rc4.$(OBJEXT) + + SRCS= \ +- $(srcdir)/des3.c \ + $(srcdir)/aes.c \ + $(srcdir)/camellia.c \ + $(srcdir)/rc4.c +diff --git a/src/lib/crypto/builtin/enc_provider/deps b/src/lib/crypto/builtin/enc_provider/deps +index ea4ffecd8..061289a91 100644 +--- a/src/lib/crypto/builtin/enc_provider/deps ++++ b/src/lib/crypto/builtin/enc_provider/deps +@@ -1,19 +1,6 @@ + # + # Generated makefile dependencies follow. + # +-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../aes/aes.h $(srcdir)/../aes/brg_types.h \ +- $(srcdir)/../crypto_mod.h $(srcdir)/../des/des_int.h \ +- $(srcdir)/../sha2/sha2.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des3.c + aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +diff --git a/src/lib/crypto/builtin/enc_provider/des3.c b/src/lib/crypto/builtin/enc_provider/des3.c +deleted file mode 100644 +index 9b8244223..000000000 +--- a/src/lib/crypto/builtin/enc_provider/des3.c ++++ /dev/null +@@ -1,105 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-#include "crypto_int.h" +-#include "des_int.h" +- +-static krb5_error_code +-validate_and_schedule(krb5_key key, const krb5_data *ivec, +- const krb5_crypto_iov *data, size_t num_data, +- mit_des3_key_schedule *schedule) +-{ +- if (key->keyblock.length != 24) +- return(KRB5_BAD_KEYSIZE); +- if (iov_total_length(data, num_data, FALSE) % 8 != 0) +- return(KRB5_BAD_MSIZE); +- if (ivec && (ivec->length != 8)) +- return(KRB5_BAD_MSIZE); +- +- switch (mit_des3_key_sched(*(mit_des3_cblock *)key->keyblock.contents, +- *schedule)) { +- case -1: +- return(KRB5DES_BAD_KEYPAR); +- case -2: +- return(KRB5DES_WEAK_KEY); +- } +- return 0; +-} +- +-static krb5_error_code +-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- mit_des3_key_schedule schedule; +- krb5_error_code err; +- +- err = validate_and_schedule(key, ivec, data, num_data, &schedule); +- if (err) +- return err; +- +- /* this has a return value, but the code always returns zero */ +- krb5int_des3_cbc_encrypt(data, num_data, +- schedule[0], schedule[1], schedule[2], +- ivec != NULL ? (unsigned char *) ivec->data : +- NULL); +- +- zap(schedule, sizeof(schedule)); +- +- return(0); +-} +- +-static krb5_error_code +-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- mit_des3_key_schedule schedule; +- krb5_error_code err; +- +- err = validate_and_schedule(key, ivec, data, num_data, &schedule); +- if (err) +- return err; +- +- /* this has a return value, but the code always returns zero */ +- krb5int_des3_cbc_decrypt(data, num_data, +- schedule[0], schedule[1], schedule[2], +- ivec != NULL ? (unsigned char *) ivec->data : +- NULL); +- +- zap(schedule, sizeof(schedule)); +- +- return 0; +-} +- +-const struct krb5_enc_provider krb5int_enc_des3 = { +- 8, +- 21, 24, +- k5_des3_encrypt, +- k5_des3_decrypt, +- NULL, +- krb5int_des_init_state, +- krb5int_default_free_state +-}; +diff --git a/src/lib/crypto/crypto_tests/t_cf2.expected b/src/lib/crypto/crypto_tests/t_cf2.expected +index f8251a16c..bc6aa50c8 100644 +--- a/src/lib/crypto/crypto_tests/t_cf2.expected ++++ b/src/lib/crypto/crypto_tests/t_cf2.expected +@@ -1,6 +1,5 @@ + 97df97e4b798b29eb31ed7280287a92a + 4d6ca4e629785c1f01baf55e2e548566b9617ae3a96868c337cb93b5e72b1c7b +-e58f9eb643862c13ad38e529313462a7f73e62834fe54a01 + 24d7f6b6bae4e5c00d2082c5ebab3672 + edd02a39d2dbde31611c16e610be062c + 67f6ea530aea85a37dcbb23349ea52dcc61ca8493ff557252327fd8304341584 +diff --git a/src/lib/crypto/crypto_tests/t_cf2.in b/src/lib/crypto/crypto_tests/t_cf2.in +index 73e2f8fbc..c4d23b506 100644 +--- a/src/lib/crypto/crypto_tests/t_cf2.in ++++ b/src/lib/crypto/crypto_tests/t_cf2.in +@@ -8,11 +8,6 @@ key1 + key2 + a + b +-16 +-key1 +-key2 +-a +-b + 23 + key1 + key2 +diff --git a/src/lib/crypto/crypto_tests/t_cksums.c b/src/lib/crypto/crypto_tests/t_cksums.c +index 8297fcbf5..3063d12ec 100644 +--- a/src/lib/crypto/crypto_tests/t_cksums.c ++++ b/src/lib/crypto/crypto_tests/t_cksums.c +@@ -59,16 +59,6 @@ struct test { + "\xDA\x39\xA3\xEE\x5E\x6B\x4B\x0D\x32\x55\xBF\xEF\x95\x60\x18\x90" + "\xAF\xD8\x07\x09" } + }, +- { +- { KV5M_DATA, 9, "six seven" }, +- CKSUMTYPE_HMAC_SHA1_DES3, ENCTYPE_DES3_CBC_SHA1, 2, +- { KV5M_DATA, 24, +- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23" +- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" }, +- { KV5M_DATA, 20, +- "\x0E\xEF\xC9\xC3\xE0\x49\xAA\xBC\x1B\xA5\xC4\x01\x67\x7D\x9A\xB6" +- "\x99\x08\x2B\xB4" } +- }, + { + { KV5M_DATA, 37, "eight nine ten eleven twelve thirteen" }, + CKSUMTYPE_HMAC_SHA1_96_AES128, ENCTYPE_AES128_CTS_HMAC_SHA1_96, 3, +diff --git a/src/lib/crypto/crypto_tests/t_decrypt.c b/src/lib/crypto/crypto_tests/t_decrypt.c +index a40a85500..716f2c337 100644 +--- a/src/lib/crypto/crypto_tests/t_decrypt.c ++++ b/src/lib/crypto/crypto_tests/t_decrypt.c +@@ -39,62 +39,6 @@ struct test { + krb5_data keybits; + krb5_data ciphertext; + } test_cases[] = { +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 0, "", }, 0, +- { KV5M_DATA, 24, +- "\x7A\x25\xDF\x89\x92\x29\x6D\xCE\xDA\x0E\x13\x5B\xC4\x04\x6E\x23" +- "\x75\xB3\xC1\x4C\x98\xFB\xC1\x62" }, +- { KV5M_DATA, 28, +- "\x54\x8A\xF4\xD5\x04\xF7\xD7\x23\x30\x3F\x12\x17\x5F\xE8\x38\x6B" +- "\x7B\x53\x35\xA9\x67\xBA\xD6\x1F\x3B\xF0\xB1\x43" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 1, "1", }, 1, +- { KV5M_DATA, 24, +- "\xBC\x07\x83\x89\x15\x13\xD5\xCE\x57\xBC\x13\x8F\xD3\xC1\x1A\xE6" +- "\x40\x45\x23\x85\x32\x29\x62\xB6" }, +- { KV5M_DATA, 36, +- "\x9C\x3C\x1D\xBA\x47\x47\xD8\x5A\xF2\x91\x6E\x47\x45\xF2\xDC\xE3" +- "\x80\x46\x79\x6E\x51\x04\xBC\xCD\xFB\x66\x9A\x91\xD4\x4B\xC3\x56" +- "\x66\x09\x45\xC7" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 9, "9 bytesss", }, 2, +- { KV5M_DATA, 24, +- "\x2F\xD0\xF7\x25\xCE\x04\x10\x0D\x2F\xC8\xA1\x80\x98\x83\x1F\x85" +- "\x0B\x45\xD9\xEF\x85\x0B\xD9\x20" }, +- { KV5M_DATA, 44, +- "\xCF\x91\x44\xEB\xC8\x69\x79\x81\x07\x5A\x8B\xAD\x8D\x74\xE5\xD7" +- "\xD5\x91\xEB\x7D\x97\x70\xC7\xAD\xA2\x5E\xE8\xC5\xB3\xD6\x94\x44" +- "\xDF\xEC\x79\xA5\xB7\xA0\x14\x82\xD9\xAF\x74\xE6" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 13, "13 bytes byte", }, 3, +- { KV5M_DATA, 24, +- "\x0D\xD5\x20\x94\xE0\xF4\x1C\xEC\xCB\x5B\xE5\x10\xA7\x64\xB3\x51" +- "\x76\xE3\x98\x13\x32\xF1\xE5\x98" }, +- { KV5M_DATA, 44, +- "\x83\x9A\x17\x08\x1E\xCB\xAF\xBC\xDC\x91\xB8\x8C\x69\x55\xDD\x3C" +- "\x45\x14\x02\x3C\xF1\x77\xB7\x7B\xF0\xD0\x17\x7A\x16\xF7\x05\xE8" +- "\x49\xCB\x77\x81\xD7\x6A\x31\x6B\x19\x3F\x8D\x30" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 30, "30 bytes bytes bytes bytes byt", }, 4, +- { KV5M_DATA, 24, +- "\xF1\x16\x86\xCB\xBC\x9E\x23\xEA\x54\xFE\xCD\x2A\x3D\xCD\xFB\x20" +- "\xB6\xFE\x98\xBF\x26\x45\xC4\xC4" }, +- { KV5M_DATA, 60, +- "\x89\x43\x3E\x83\xFD\x0E\xA3\x66\x6C\xFF\xCD\x18\xD8\xDE\xEB\xC5" +- "\x3B\x9A\x34\xED\xBE\xB1\x59\xD9\xF6\x67\xC6\xC2\xB9\xA9\x64\x40" +- "\x1D\x55\xE7\xE9\xC6\x8D\x64\x8D\x65\xC3\xAA\x84\xFF\xA3\x79\x0C" +- "\x14\xA8\x64\xDA\x80\x73\xA9\xA9\x5C\x4B\xA2\xBC" } +- }, +- + { + ENCTYPE_ARCFOUR_HMAC, + { KV5M_DATA, 0, "", }, 0, +@@ -524,7 +468,6 @@ printhex(const char *head, void *data, size_t len) + + static krb5_enctype + enctypes[] = { +- ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, + ENCTYPE_AES128_CTS_HMAC_SHA1_96, +diff --git a/src/lib/crypto/crypto_tests/t_derive.c b/src/lib/crypto/crypto_tests/t_derive.c +index afbf7477f..93ce30da2 100644 +--- a/src/lib/crypto/crypto_tests/t_derive.c ++++ b/src/lib/crypto/crypto_tests/t_derive.c +@@ -38,41 +38,6 @@ struct test { + enum deriv_alg alg; + krb5_data expected_key; + } test_cases[] = { +- /* Kc, Ke, Kei for a DES3 key */ +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 24, +- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" +- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, +- { KV5M_DATA, 5, "\0\0\0\2\x99" }, +- DERIVE_RFC3961, +- { KV5M_DATA, 24, +- "\xF7\x8C\x49\x6D\x16\xE6\xC2\xDA\xE0\xE0\xB6\xC2\x40\x57\xA8\x4C" +- "\x04\x26\xAE\xEF\x26\xFD\x6D\xCE" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 24, +- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" +- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, +- { KV5M_DATA, 5, "\0\0\0\2\xAA" }, +- DERIVE_RFC3961, +- { KV5M_DATA, 24, +- "\x5B\x57\x23\xD0\xB6\x34\xCB\x68\x4C\x3E\xBA\x52\x64\xE9\xA7\x0D" +- "\x52\xE6\x83\x23\x1A\xD3\xC4\xCE" } +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- { KV5M_DATA, 24, +- "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C\x31\x3E\x3B\xFE" +- "\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, +- { KV5M_DATA, 5, "\0\0\0\2\x55" }, +- DERIVE_RFC3961, +- { KV5M_DATA, 24, +- "\xA7\x7C\x94\x98\x0E\x9B\x73\x45\xA8\x15\x25\xC4\x23\xA7\x37\xCE" +- "\x67\xF4\xCD\x91\xB6\xB3\xDA\x45" } +- }, +- + /* Kc, Ke, Ki for an AES-128 key */ + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, +@@ -286,7 +251,6 @@ static const struct krb5_enc_provider * + get_enc_provider(krb5_enctype enctype) + { + switch (enctype) { +- case ENCTYPE_DES3_CBC_SHA1: return &krb5int_enc_des3; + case ENCTYPE_AES128_CTS_HMAC_SHA1_96: return &krb5int_enc_aes128; + case ENCTYPE_AES256_CTS_HMAC_SHA1_96: return &krb5int_enc_aes256; + case ENCTYPE_CAMELLIA128_CTS_CMAC: return &krb5int_enc_camellia128; +diff --git a/src/lib/crypto/crypto_tests/t_encrypt.c b/src/lib/crypto/crypto_tests/t_encrypt.c +index bd9b94691..290a72e1e 100644 +--- a/src/lib/crypto/crypto_tests/t_encrypt.c ++++ b/src/lib/crypto/crypto_tests/t_encrypt.c +@@ -37,7 +37,6 @@ + + /* What enctypes should we test?*/ + krb5_enctype interesting_enctypes[] = { +- ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, +diff --git a/src/lib/crypto/crypto_tests/t_short.c b/src/lib/crypto/crypto_tests/t_short.c +index d4c2b97df..4466b7115 100644 +--- a/src/lib/crypto/crypto_tests/t_short.c ++++ b/src/lib/crypto/crypto_tests/t_short.c +@@ -34,7 +34,6 @@ + #include "k5-int.h" + + krb5_enctype interesting_enctypes[] = { +- ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_ARCFOUR_HMAC_EXP, + ENCTYPE_AES256_CTS_HMAC_SHA1_96, +diff --git a/src/lib/crypto/crypto_tests/t_str2key.c b/src/lib/crypto/crypto_tests/t_str2key.c +index cdb1acc6d..ef4c4a7d3 100644 +--- a/src/lib/crypto/crypto_tests/t_str2key.c ++++ b/src/lib/crypto/crypto_tests/t_str2key.c +@@ -35,58 +35,6 @@ struct test { + krb5_error_code expected_err; + krb5_boolean allow_weak; + } test_cases[] = { +- /* Test vectors from RFC 3961 appendix A.4. */ +- { +- ENCTYPE_DES3_CBC_SHA1, +- "password", +- { KV5M_DATA, 21, "ATHENA.MIT.EDUraeburn" }, +- { KV5M_DATA, 0, NULL }, +- { KV5M_DATA, 24, "\x85\x0B\xB5\x13\x58\x54\x8C\xD0\x5E\x86\x76\x8C" +- "\x31\x3E\x3B\xFE\xF7\x51\x19\x37\xDC\xF7\x2C\x3E" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- "potatoe", +- { KV5M_DATA, 19, "WHITEHOUSE.GOVdanny" }, +- { KV5M_DATA, 0, NULL }, +- { KV5M_DATA, 24, "\xDF\xCD\x23\x3D\xD0\xA4\x32\x04\xEA\x6D\xC4\x37" +- "\xFB\x15\xE0\x61\xB0\x29\x79\xC1\xF7\x4F\x37\x7A" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- "penny", +- { KV5M_DATA, 19, "EXAMPLE.COMbuckaroo" }, +- { KV5M_DATA, 0, NULL }, +- { KV5M_DATA, 24, "\x6D\x2F\xCD\xF2\xD6\xFB\xBC\x3D\xDC\xAD\xB5\xDA" +- "\x57\x10\xA2\x34\x89\xB0\xD3\xB6\x9D\x5D\x9D\x4A" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- "\xC3\x9F", +- { KV5M_DATA, 23, "ATHENA.MIT.EDUJuri\xC5\xA1\x69\xC4\x87" }, +- { KV5M_DATA, 0, NULL }, +- { KV5M_DATA, 24, "\x16\xD5\xA4\x0E\x1C\xE3\xBA\xCB\x61\xB9\xDC\xE0" +- "\x04\x70\x32\x4C\x83\x19\x73\xA7\xB9\x52\xFE\xB0" }, +- 0, +- FALSE +- }, +- { +- ENCTYPE_DES3_CBC_SHA1, +- "\xF0\x9D\x84\x9E", +- { KV5M_DATA, 18, "EXAMPLE.COMpianist" }, +- { KV5M_DATA, 0, NULL }, +- { KV5M_DATA, 24, "\x85\x76\x37\x26\x58\x5D\xBC\x1C\xCE\x6E\xC4\x3E" +- "\x1F\x75\x1F\x07\xF1\xC4\xCB\xB0\x98\xF4\x0B\x19" }, +- 0, +- FALSE +- }, +- + /* Test vectors from RFC 3962 appendix B. */ + { + ENCTYPE_AES128_CTS_HMAC_SHA1_96, +diff --git a/src/lib/crypto/krb/Makefile.in b/src/lib/crypto/krb/Makefile.in +index b74e6f7cc..2b0c4163d 100644 +--- a/src/lib/crypto/krb/Makefile.in ++++ b/src/lib/crypto/krb/Makefile.in +@@ -50,7 +50,6 @@ STLIBOBJS=\ + prf.o \ + prf_aes2.o \ + prf_cmac.o \ +- prf_des.o \ + prf_dk.o \ + prf_rc4.o \ + prng.o \ +@@ -109,7 +108,6 @@ OBJS=\ + $(OUTPRE)prf.$(OBJEXT) \ + $(OUTPRE)prf_aes2.$(OBJEXT) \ + $(OUTPRE)prf_cmac.$(OBJEXT) \ +- $(OUTPRE)prf_des.$(OBJEXT) \ + $(OUTPRE)prf_dk.$(OBJEXT) \ + $(OUTPRE)prf_rc4.$(OBJEXT) \ + $(OUTPRE)prng.$(OBJEXT) \ +@@ -168,7 +166,6 @@ SRCS=\ + $(srcdir)/prf.c \ + $(srcdir)/prf_aes2.c \ + $(srcdir)/prf_cmac.c \ +- $(srcdir)/prf_des.c \ + $(srcdir)/prf_dk.c \ + $(srcdir)/prf_rc4.c \ + $(srcdir)/prng.c \ +diff --git a/src/lib/crypto/krb/cksumtypes.c b/src/lib/crypto/krb/cksumtypes.c +index ecc2e08c9..f5fbe8a2a 100644 +--- a/src/lib/crypto/krb/cksumtypes.c ++++ b/src/lib/crypto/krb/cksumtypes.c +@@ -46,12 +46,6 @@ const struct krb5_cksumtypes krb5int_cksumtypes_list[] = { + krb5int_unkeyed_checksum, NULL, + 20, 20, CKSUM_UNKEYED }, + +- { CKSUMTYPE_HMAC_SHA1_DES3, +- "hmac-sha1-des3", { "hmac-sha1-des3-kd" }, "HMAC-SHA1 DES3 key", +- &krb5int_enc_des3, &krb5int_hash_sha1, +- krb5int_dk_checksum, NULL, +- 20, 20, 0 }, +- + { CKSUMTYPE_HMAC_MD5_ARCFOUR, + "hmac-md5-rc4", { "hmac-md5-enc", "hmac-md5-earcfour" }, + "Microsoft HMAC MD5", +diff --git a/src/lib/crypto/krb/crypto_int.h b/src/lib/crypto/krb/crypto_int.h +index 19f808749..4bc430c7a 100644 +--- a/src/lib/crypto/krb/crypto_int.h ++++ b/src/lib/crypto/krb/crypto_int.h +@@ -276,10 +276,6 @@ krb5_error_code krb5int_aes2_string_to_key(const struct krb5_keytypes *enc, + /* Random to key */ + krb5_error_code k5_rand2key_direct(const krb5_data *randombits, + krb5_keyblock *keyblock); +-krb5_error_code k5_rand2key_des(const krb5_data *randombits, +- krb5_keyblock *keyblock); +-krb5_error_code k5_rand2key_des3(const krb5_data *randombits, +- krb5_keyblock *keyblock); + + /* Pseudo-random function */ + krb5_error_code krb5int_des_prf(const struct krb5_keytypes *ktp, +@@ -368,11 +364,6 @@ krb5_keyusage krb5int_arcfour_translate_usage(krb5_keyusage usage); + /* Ensure library initialization has occurred. */ + int krb5int_crypto_init(void); + +-/* DES default state initialization handler (used by module enc providers). */ +-krb5_error_code krb5int_des_init_state(const krb5_keyblock *key, +- krb5_keyusage keyusage, +- krb5_data *state_out); +- + /* Default state cleanup handler (used by module enc providers). */ + void krb5int_default_free_state(krb5_data *state); + +@@ -425,7 +416,6 @@ void k5_iov_cursor_put(struct iov_cursor *cursor, unsigned char *block); + /* Modules must implement the k5_sha256() function prototyped in k5-int.h. */ + + /* Modules must implement the following enc_providers and hash_providers: */ +-extern const struct krb5_enc_provider krb5int_enc_des3; + extern const struct krb5_enc_provider krb5int_enc_arcfour; + extern const struct krb5_enc_provider krb5int_enc_aes128; + extern const struct krb5_enc_provider krb5int_enc_aes256; +@@ -442,12 +432,6 @@ extern const struct krb5_hash_provider krb5int_hash_sha384; + + /* Modules must implement the following functions. */ + +-/* Set the parity bits to the correct values in keybits. */ +-void k5_des_fixup_key_parity(unsigned char *keybits); +- +-/* Return true if keybits is a weak or semi-weak DES key. */ +-krb5_boolean k5_des_is_weak_key(unsigned char *keybits); +- + /* Compute an HMAC using the provided hash function, key, and data, storing the + * result into output (caller-allocated). */ + krb5_error_code krb5int_hmac(const struct krb5_hash_provider *hash, +diff --git a/src/lib/crypto/krb/default_state.c b/src/lib/crypto/krb/default_state.c +index 0757c8b02..f89dc7902 100644 +--- a/src/lib/crypto/krb/default_state.c ++++ b/src/lib/crypto/krb/default_state.c +@@ -32,16 +32,6 @@ + + #include "crypto_int.h" + +-krb5_error_code +-krb5int_des_init_state(const krb5_keyblock *key, krb5_keyusage usage, +- krb5_data *state_out) +-{ +- if (alloc_data(state_out, 8)) +- return ENOMEM; +- +- return 0; +-} +- + void + krb5int_default_free_state(krb5_data *state) + { +diff --git a/src/lib/crypto/krb/enctype_util.c b/src/lib/crypto/krb/enctype_util.c +index 1542d4062..a0037912a 100644 +--- a/src/lib/crypto/krb/enctype_util.c ++++ b/src/lib/crypto/krb/enctype_util.c +@@ -45,6 +45,9 @@ struct { + { ENCTYPE_DES_CBC_MD5, "des-cbc-md5" }, + { ENCTYPE_DES_CBC_RAW, "des-cbc-raw" }, + { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1" }, ++ { ENCTYPE_DES3_CBC_SHA, "des3-cbc-sha1" }, ++ { ENCTYPE_DES3_CBC_RAW, "des3-cbc-raw" }, ++ { ENCTYPE_DES3_CBC_SHA1, "des3-hmac-sha1" }, + { ENCTYPE_NULL, NULL } + }; + +diff --git a/src/lib/crypto/krb/etypes.c b/src/lib/crypto/krb/etypes.c +index fc278783b..7635393a4 100644 +--- a/src/lib/crypto/krb/etypes.c ++++ b/src/lib/crypto/krb/etypes.c +@@ -35,27 +35,6 @@ + + /* Deprecations come from RFC 6649 and RFC 8249. */ + const struct krb5_keytypes krb5int_enctypes_list[] = { +- { ENCTYPE_DES3_CBC_RAW, +- "des3-cbc-raw", { 0 }, "Triple DES cbc mode raw", +- &krb5int_enc_des3, NULL, +- 16, +- krb5int_raw_crypto_length, krb5int_raw_encrypt, krb5int_raw_decrypt, +- krb5int_dk_string_to_key, k5_rand2key_des3, +- NULL, /*PRF*/ +- 0, +- ETYPE_WEAK | ETYPE_DEPRECATED, 112 }, +- +- { ENCTYPE_DES3_CBC_SHA1, +- "des3-cbc-sha1", { "des3-hmac-sha1", "des3-cbc-sha1-kd" }, +- "Triple DES cbc mode with HMAC/sha1", +- &krb5int_enc_des3, &krb5int_hash_sha1, +- 16, +- krb5int_dk_crypto_length, krb5int_dk_encrypt, krb5int_dk_decrypt, +- krb5int_dk_string_to_key, k5_rand2key_des3, +- krb5int_dk_prf, +- CKSUMTYPE_HMAC_SHA1_DES3, +- ETYPE_DEPRECATED, 112 }, +- + /* rc4-hmac uses a 128-bit key, but due to weaknesses in the RC4 cipher, we + * consider its strength degraded and assign it an SSF value of 64. */ + { ENCTYPE_ARCFOUR_HMAC, +diff --git a/src/lib/crypto/krb/prf_des.c b/src/lib/crypto/krb/prf_des.c +deleted file mode 100644 +index 7a2d719c5..000000000 +--- a/src/lib/crypto/krb/prf_des.c ++++ /dev/null +@@ -1,47 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/krb/prf_des.c - RFC 3961 DES-based PRF */ +-/* +- * Copyright (C) 2004, 2009 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-#include "crypto_int.h" +- +-krb5_error_code +-krb5int_des_prf(const struct krb5_keytypes *ktp, krb5_key key, +- const krb5_data *in, krb5_data *out) +-{ +- const struct krb5_hash_provider *hash = &krb5int_hash_md5; +- krb5_crypto_iov iov; +- krb5_error_code ret; +- +- /* Compute a hash of the input, storing into the output buffer. */ +- iov.flags = KRB5_CRYPTO_TYPE_DATA; +- iov.data = *in; +- ret = hash->hash(&iov, 1, out); +- if (ret != 0) +- return ret; +- +- /* Encrypt the hash in place. */ +- iov.data = *out; +- return ktp->enc->encrypt(key, NULL, &iov, 1); +-} +diff --git a/src/lib/crypto/krb/random_to_key.c b/src/lib/crypto/krb/random_to_key.c +index 157462526..863090beb 100644 +--- a/src/lib/crypto/krb/random_to_key.c ++++ b/src/lib/crypto/krb/random_to_key.c +@@ -71,48 +71,3 @@ k5_rand2key_direct(const krb5_data *randombits, krb5_keyblock *keyblock) + memcpy(keyblock->contents, randombits->data, randombits->length); + return 0; + } +- +-static inline void +-eighth_byte(unsigned char *b) +-{ +- b[7] = (((b[0] & 1) << 1) | ((b[1] & 1) << 2) | ((b[2] & 1) << 3) | +- ((b[3] & 1) << 4) | ((b[4] & 1) << 5) | ((b[5] & 1) << 6) | +- ((b[6] & 1) << 7)); +-} +- +-krb5_error_code +-k5_rand2key_des(const krb5_data *randombits, krb5_keyblock *keyblock) +-{ +- if (randombits->length != 7) +- return(KRB5_CRYPTO_INTERNAL); +- +- keyblock->magic = KV5M_KEYBLOCK; +- +- /* Take the seven bytes, move them around into the top 7 bits of the +- * 8 key bytes, then compute the parity bits. */ +- memcpy(keyblock->contents, randombits->data, randombits->length); +- eighth_byte(keyblock->contents); +- k5_des_fixup_key_parity(keyblock->contents); +- +- return 0; +-} +- +-krb5_error_code +-k5_rand2key_des3(const krb5_data *randombits, krb5_keyblock *keyblock) +-{ +- int i; +- +- if (randombits->length != 21) +- return KRB5_CRYPTO_INTERNAL; +- +- keyblock->magic = KV5M_KEYBLOCK; +- +- /* Take the seven bytes, move them around into the top 7 bits of the +- * 8 key bytes, then compute the parity bits. Do this three times. */ +- for (i = 0; i < 3; i++) { +- memcpy(&keyblock->contents[i * 8], &randombits->data[i * 7], 7); +- eighth_byte(&keyblock->contents[i * 8]); +- k5_des_fixup_key_parity(&keyblock->contents[i * 8]); +- } +- return 0; +-} +diff --git a/src/lib/crypto/libk5crypto.exports b/src/lib/crypto/libk5crypto.exports +index d6cc1b423..f44cb9170 100644 +--- a/src/lib/crypto/libk5crypto.exports ++++ b/src/lib/crypto/libk5crypto.exports +@@ -86,7 +86,6 @@ krb5_k_verify_checksum + krb5_k_verify_checksum_iov + krb5int_aes_encrypt + krb5int_aes_decrypt +-krb5int_enc_des3 + krb5int_arcfour_gsscrypt + krb5int_camellia_cbc_mac + krb5int_cmac_checksum +diff --git a/src/lib/crypto/openssl/Makefile.in b/src/lib/crypto/openssl/Makefile.in +index aa434b168..234fc0e76 100644 +--- a/src/lib/crypto/openssl/Makefile.in ++++ b/src/lib/crypto/openssl/Makefile.in +@@ -1,6 +1,6 @@ + mydir=lib$(S)crypto$(S)openssl + BUILDTOP=$(REL)..$(S)..$(S).. +-SUBDIRS=camellia des aes md4 md5 sha1 sha2 enc_provider hash_provider ++SUBDIRS=camellia aes md4 md5 sha1 sha2 enc_provider hash_provider + LOCALINCLUDES = -I$(srcdir)/../krb -I$(srcdir) + + STLIBOBJS=\ +@@ -24,14 +24,14 @@ SRCS=\ + $(srcdir)/sha256.c \ + $(srcdir)/stubs.c + +-STOBJLISTS= des/OBJS.ST md4/OBJS.ST \ ++STOBJLISTS= md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ + aes/OBJS.ST \ + OBJS.ST + +-SUBDIROBJLISTS= des/OBJS.ST md4/OBJS.ST \ ++SUBDIROBJLISTS= md4/OBJS.ST \ + md5/OBJS.ST sha1/OBJS.ST sha2/OBJS.ST \ + enc_provider/OBJS.ST \ + hash_provider/OBJS.ST \ +@@ -42,7 +42,7 @@ includes: depend + + depend: $(SRCS) + +-clean-unix:: clean-libobjs ++clean-unix:: clean-libobjsn + + @lib_frag@ + @libobj_frag@ +diff --git a/src/lib/crypto/openssl/des/Makefile.in b/src/lib/crypto/openssl/des/Makefile.in +deleted file mode 100644 +index 4392fb8ea..000000000 +--- a/src/lib/crypto/openssl/des/Makefile.in ++++ /dev/null +@@ -1,20 +0,0 @@ +-mydir=lib$(S)crypto$(S)openssl$(S)des +-BUILDTOP=$(REL)..$(S)..$(S)..$(S).. +-LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. +- +-STLIBOBJS= des_keys.o +- +-OBJS= $(OUTPRE)des_keys.$(OBJEXT) +- +-SRCS= $(srcdir)/des_keys.c +- +-all-unix: all-libobjs +- +-includes: depend +- +-depend: $(SRCS) +- +-clean-unix:: clean-libobjs +- +-@libobj_frag@ +- +diff --git a/src/lib/crypto/openssl/des/deps b/src/lib/crypto/openssl/des/deps +deleted file mode 100644 +index 21b904f89..000000000 +--- a/src/lib/crypto/openssl/des/deps ++++ /dev/null +@@ -1,15 +0,0 @@ +-# +-# Generated makefile dependencies follow. +-# +-des_keys.so des_keys.po $(OUTPRE)des_keys.$(OBJEXT): \ +- $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ +- $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ +- $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h $(srcdir)/../crypto_mod.h \ +- $(top_srcdir)/include/k5-buf.h $(top_srcdir)/include/k5-err.h \ +- $(top_srcdir)/include/k5-gmt_mktime.h $(top_srcdir)/include/k5-int-pkinit.h \ +- $(top_srcdir)/include/k5-int.h $(top_srcdir)/include/k5-platform.h \ +- $(top_srcdir)/include/k5-plugin.h $(top_srcdir)/include/k5-thread.h \ +- $(top_srcdir)/include/k5-trace.h $(top_srcdir)/include/krb5.h \ +- $(top_srcdir)/include/krb5/authdata_plugin.h $(top_srcdir)/include/krb5/plugin.h \ +- $(top_srcdir)/include/port-sockets.h $(top_srcdir)/include/socket-utils.h \ +- des_keys.c +diff --git a/src/lib/crypto/openssl/des/des_keys.c b/src/lib/crypto/openssl/des/des_keys.c +deleted file mode 100644 +index 51d9db216..000000000 +--- a/src/lib/crypto/openssl/des/des_keys.c ++++ /dev/null +@@ -1,40 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/openssl/des/des_keys.c - Key functions used by Kerberos code */ +-/* +- * Copyright (C) 2011 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +- +-#include "crypto_int.h" +-#include +- +-void +-k5_des_fixup_key_parity(unsigned char *keybits) +-{ +- DES_set_odd_parity((DES_cblock *)keybits); +-} +- +-krb5_boolean +-k5_des_is_weak_key(unsigned char *keybits) +-{ +- return DES_is_weak_key((DES_cblock *)keybits); +-} +diff --git a/src/lib/crypto/openssl/enc_provider/Makefile.in b/src/lib/crypto/openssl/enc_provider/Makefile.in +index a9069d22d..2b32c3ac4 100644 +--- a/src/lib/crypto/openssl/enc_provider/Makefile.in ++++ b/src/lib/crypto/openssl/enc_provider/Makefile.in +@@ -3,19 +3,16 @@ BUILDTOP=$(REL)..$(S)..$(S)..$(S).. + LOCALINCLUDES = -I$(srcdir)/../../krb -I$(srcdir)/.. + + STLIBOBJS= \ +- des3.o \ + rc4.o \ + aes.o \ + camellia.o + + OBJS= \ +- $(OUTPRE)des3.$(OBJEXT) \ + $(OUTPRE)aes.$(OBJEXT) \ + $(OUTPRE)camellia.$(OBJEXT) \ + $(OUTPRE)rc4.$(OBJEXT) + + SRCS= \ +- $(srcdir)/des3.c \ + $(srcdir)/aes.c \ + $(srcdir)/camellia.c \ + $(srcdir)/rc4.c +diff --git a/src/lib/crypto/openssl/enc_provider/deps b/src/lib/crypto/openssl/enc_provider/deps +index 1c28cc842..91ba48234 100644 +--- a/src/lib/crypto/openssl/enc_provider/deps ++++ b/src/lib/crypto/openssl/enc_provider/deps +@@ -1,17 +1,6 @@ + # + # Generated makefile dependencies follow. + # +-des3.so des3.po $(OUTPRE)des3.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ +- $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ +- $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +- $(srcdir)/../crypto_mod.h $(top_srcdir)/include/k5-buf.h \ +- $(top_srcdir)/include/k5-err.h $(top_srcdir)/include/k5-gmt_mktime.h \ +- $(top_srcdir)/include/k5-int-pkinit.h $(top_srcdir)/include/k5-int.h \ +- $(top_srcdir)/include/k5-platform.h $(top_srcdir)/include/k5-plugin.h \ +- $(top_srcdir)/include/k5-thread.h $(top_srcdir)/include/k5-trace.h \ +- $(top_srcdir)/include/krb5.h $(top_srcdir)/include/krb5/authdata_plugin.h \ +- $(top_srcdir)/include/krb5/plugin.h $(top_srcdir)/include/port-sockets.h \ +- $(top_srcdir)/include/socket-utils.h des3.c + aes.so aes.po $(OUTPRE)aes.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ + $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ + $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(srcdir)/../../krb/crypto_int.h \ +diff --git a/src/lib/crypto/openssl/enc_provider/des3.c b/src/lib/crypto/openssl/enc_provider/des3.c +deleted file mode 100644 +index 1c439c2cd..000000000 +--- a/src/lib/crypto/openssl/enc_provider/des3.c ++++ /dev/null +@@ -1,184 +0,0 @@ +-/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */ +-/* lib/crypto/openssl/enc_provider/des3.c */ +-/* +- * Copyright (C) 2009 by the Massachusetts Institute of Technology. +- * All rights reserved. +- * +- * Export of this software from the United States of America may +- * require a specific license from the United States Government. +- * It is the responsibility of any person or organization contemplating +- * export to obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of M.I.T. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. Furthermore if you modify this software you must label +- * your software as modified software and not distribute it in such a +- * fashion that it might be confused with the original M.I.T. software. +- * M.I.T. makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- */ +-/* +- * Copyright (C) 1998 by the FundsXpress, INC. +- * +- * All rights reserved. +- * +- * Export of this software from the United States of America may require +- * a specific license from the United States Government. It is the +- * responsibility of any person or organization contemplating export to +- * obtain such a license before exporting. +- * +- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +- * distribute this software and its documentation for any purpose and +- * without fee is hereby granted, provided that the above copyright +- * notice appear in all copies and that both that copyright notice and +- * this permission notice appear in supporting documentation, and that +- * the name of FundsXpress. not be used in advertising or publicity pertaining +- * to distribution of the software without specific, written prior +- * permission. FundsXpress makes no representations about the suitability of +- * this software for any purpose. It is provided "as is" without express +- * or implied warranty. +- * +- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR +- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED +- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +- */ +- +-#include "crypto_int.h" +-#include +- +- +-#define DES3_BLOCK_SIZE 8 +-#define DES3_KEY_SIZE 24 +-#define DES3_KEY_BYTES 21 +- +-static krb5_error_code +-validate(krb5_key key, const krb5_data *ivec, const krb5_crypto_iov *data, +- size_t num_data, krb5_boolean *empty) +-{ +- size_t input_length = iov_total_length(data, num_data, FALSE); +- +- if (key->keyblock.length != DES3_KEY_SIZE) +- return(KRB5_BAD_KEYSIZE); +- if ((input_length%DES3_BLOCK_SIZE) != 0) +- return(KRB5_BAD_MSIZE); +- if (ivec && (ivec->length != 8)) +- return(KRB5_BAD_MSIZE); +- +- *empty = (input_length == 0); +- return 0; +-} +- +-static krb5_error_code +-k5_des3_encrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- int ret, olen = DES3_BLOCK_SIZE; +- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE]; +- struct iov_cursor cursor; +- EVP_CIPHER_CTX *ctx; +- krb5_boolean empty; +- +- ret = validate(key, ivec, data, num_data, &empty); +- if (ret != 0 || empty) +- return ret; +- +- ctx = EVP_CIPHER_CTX_new(); +- if (ctx == NULL) +- return ENOMEM; +- +- ret = EVP_EncryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, +- key->keyblock.contents, +- (ivec) ? (unsigned char*)ivec->data : NULL); +- if (!ret) { +- EVP_CIPHER_CTX_free(ctx); +- return KRB5_CRYPTO_INTERNAL; +- } +- +- EVP_CIPHER_CTX_set_padding(ctx,0); +- +- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE); +- while (k5_iov_cursor_get(&cursor, iblock)) { +- ret = EVP_EncryptUpdate(ctx, oblock, &olen, iblock, DES3_BLOCK_SIZE); +- if (!ret) +- break; +- k5_iov_cursor_put(&cursor, oblock); +- } +- +- if (ivec != NULL) +- memcpy(ivec->data, oblock, DES3_BLOCK_SIZE); +- +- EVP_CIPHER_CTX_free(ctx); +- +- zap(iblock, sizeof(iblock)); +- zap(oblock, sizeof(oblock)); +- +- if (ret != 1) +- return KRB5_CRYPTO_INTERNAL; +- return 0; +-} +- +-static krb5_error_code +-k5_des3_decrypt(krb5_key key, const krb5_data *ivec, krb5_crypto_iov *data, +- size_t num_data) +-{ +- int ret, olen = DES3_BLOCK_SIZE; +- unsigned char iblock[DES3_BLOCK_SIZE], oblock[DES3_BLOCK_SIZE]; +- struct iov_cursor cursor; +- EVP_CIPHER_CTX *ctx; +- krb5_boolean empty; +- +- ret = validate(key, ivec, data, num_data, &empty); +- if (ret != 0 || empty) +- return ret; +- +- ctx = EVP_CIPHER_CTX_new(); +- if (ctx == NULL) +- return ENOMEM; +- +- ret = EVP_DecryptInit_ex(ctx, EVP_des_ede3_cbc(), NULL, +- key->keyblock.contents, +- (ivec) ? (unsigned char*)ivec->data : NULL); +- if (!ret) { +- EVP_CIPHER_CTX_free(ctx); +- return KRB5_CRYPTO_INTERNAL; +- } +- +- EVP_CIPHER_CTX_set_padding(ctx,0); +- +- k5_iov_cursor_init(&cursor, data, num_data, DES3_BLOCK_SIZE, FALSE); +- while (k5_iov_cursor_get(&cursor, iblock)) { +- ret = EVP_DecryptUpdate(ctx, oblock, &olen, +- (unsigned char *)iblock, DES3_BLOCK_SIZE); +- if (!ret) +- break; +- k5_iov_cursor_put(&cursor, oblock); +- } +- +- if (ivec != NULL) +- memcpy(ivec->data, iblock, DES3_BLOCK_SIZE); +- +- EVP_CIPHER_CTX_free(ctx); +- +- zap(iblock, sizeof(iblock)); +- zap(oblock, sizeof(oblock)); +- +- if (ret != 1) +- return KRB5_CRYPTO_INTERNAL; +- return 0; +-} +- +-const struct krb5_enc_provider krb5int_enc_des3 = { +- DES3_BLOCK_SIZE, +- DES3_KEY_BYTES, DES3_KEY_SIZE, +- k5_des3_encrypt, +- k5_des3_decrypt, +- NULL, +- krb5int_des_init_state, +- krb5int_default_free_state +-}; +diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c +index 75f071c3e..fcf2c2152 100644 +--- a/src/lib/gssapi/krb5/accept_sec_context.c ++++ b/src/lib/gssapi/krb5/accept_sec_context.c +@@ -1039,7 +1039,6 @@ kg_accept_krb5(minor_status, context_handle, + } + + switch (negotiated_etype) { +- case ENCTYPE_DES3_CBC_SHA1: + case ENCTYPE_ARCFOUR_HMAC: + case ENCTYPE_ARCFOUR_HMAC_EXP: + /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" +diff --git a/src/lib/gssapi/krb5/gssapiP_krb5.h b/src/lib/gssapi/krb5/gssapiP_krb5.h +index a7e0e63ec..3bacdcd35 100644 +--- a/src/lib/gssapi/krb5/gssapiP_krb5.h ++++ b/src/lib/gssapi/krb5/gssapiP_krb5.h +@@ -125,14 +125,14 @@ enum sgn_alg { + /* SGN_ALG_DES_MAC = 0x0002, */ + /* SGN_ALG_3 = 0x0003, /\* not published *\/ */ + SGN_ALG_HMAC_MD5 = 0x0011, /* microsoft w2k; */ +- SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 ++ /* SGN_ALG_HMAC_SHA1_DES3_KD = 0x0004 */ + }; + enum seal_alg { + SEAL_ALG_NONE = 0xffff, + /* SEAL_ALG_DES = 0x0000, */ + /* SEAL_ALG_1 = 0x0001, /\* not published *\/ */ + SEAL_ALG_MICROSOFT_RC4 = 0x0010, /* microsoft w2k; */ +- SEAL_ALG_DES3KD = 0x0002 ++ /* SEAL_ALG_DES3KD = 0x0002 */ + }; + + /* for 3DES */ +@@ -153,7 +153,7 @@ enum qop { + GSS_KRB5_INTEG_C_QOP_HMAC_SHA1 = 0x0004, + GSS_KRB5_INTEG_C_QOP_MASK = 0x00ff, + /* GSS_KRB5_CONF_C_QOP_DES = 0x0100, */ +- GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, ++ /* GSS_KRB5_CONF_C_QOP_DES3_KD = 0x0200, */ + GSS_KRB5_CONF_C_QOP_MASK = 0xff00 + }; + +diff --git a/src/lib/gssapi/krb5/k5seal.c b/src/lib/gssapi/krb5/k5seal.c +index d1cdce486..7f7146a0a 100644 +--- a/src/lib/gssapi/krb5/k5seal.c ++++ b/src/lib/gssapi/krb5/k5seal.c +@@ -136,19 +136,12 @@ make_seal_token_v1 (krb5_context context, + + /* pad the plaintext, encrypt if needed, and stick it in the token */ + +- /* initialize the the checksum */ +- switch (signalg) { +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; +- break; +- case SGN_ALG_HMAC_MD5: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; +- if (toktype != KG_TOK_SEAL_MSG) +- sign_usage = 15; +- break; +- default: +- abort (); +- } ++ if (signalg != SGN_ALG_HMAC_MD5) ++ abort(); ++ ++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; ++ if (toktype != KG_TOK_SEAL_MSG) ++ sign_usage = 15; + + code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen); + if (code) { +@@ -196,20 +189,8 @@ make_seal_token_v1 (krb5_context context, + gssalloc_free(t); + return(code); + } +- switch(signalg) { +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- /* +- * Using key derivation, the call to krb5_c_make_checksum +- * already dealt with encrypting. +- */ +- if (md5cksum.length != cksum_size) +- abort (); +- memcpy (ptr+14, md5cksum.contents, md5cksum.length); +- break; +- case SGN_ALG_HMAC_MD5: +- memcpy (ptr+14, md5cksum.contents, cksum_size); +- break; +- } ++ ++ memcpy (ptr+14, md5cksum.contents, cksum_size); + + krb5_free_checksum_contents(context, &md5cksum); + +diff --git a/src/lib/gssapi/krb5/k5sealiov.c b/src/lib/gssapi/krb5/k5sealiov.c +index 9bb2ee109..9147bb2c7 100644 +--- a/src/lib/gssapi/krb5/k5sealiov.c ++++ b/src/lib/gssapi/krb5/k5sealiov.c +@@ -144,18 +144,11 @@ make_seal_token_v1_iov(krb5_context context, + /* pad the plaintext, encrypt if needed, and stick it in the token */ + + /* initialize the checksum */ +- switch (ctx->signalg) { +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; +- break; +- case SGN_ALG_HMAC_MD5: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; +- if (toktype != KG_TOK_WRAP_MSG) +- sign_usage = 15; +- break; +- default: +- abort (); +- } ++ if (ctx->signalg != SGN_ALG_HMAC_MD5) ++ abort(); ++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; ++ if (toktype != KG_TOK_WRAP_MSG) ++ sign_usage = 15; + + code = krb5_c_checksum_length(context, md5cksum.checksum_type, &k5_trailerlen); + if (code != 0) +@@ -177,15 +170,7 @@ make_seal_token_v1_iov(krb5_context context, + if (code != 0) + goto cleanup; + +- switch (ctx->signalg) { +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- assert(md5cksum.length == ctx->cksum_size); +- memcpy(ptr + 14, md5cksum.contents, md5cksum.length); +- break; +- case SGN_ALG_HMAC_MD5: +- memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size); +- break; +- } ++ memcpy(ptr + 14, md5cksum.contents, ctx->cksum_size); + + /* create the seq_num */ + code = kg_make_seq_num(context, ctx->seq, ctx->initiate ? 0 : 0xFF, +diff --git a/src/lib/gssapi/krb5/k5unseal.c b/src/lib/gssapi/krb5/k5unseal.c +index 9b183bc33..f0cc4a680 100644 +--- a/src/lib/gssapi/krb5/k5unseal.c ++++ b/src/lib/gssapi/krb5/k5unseal.c +@@ -131,28 +131,21 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + but few enough that we can try them all. */ + + if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || +- (ctx->sealalg == SEAL_ALG_DES3KD && +- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| + (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && + signalg != SGN_ALG_HMAC_MD5)) { + *minor_status = 0; + return GSS_S_DEFECTIVE_TOKEN; + } + +- switch (signalg) { +- case SGN_ALG_HMAC_MD5: +- cksum_len = 8; +- if (toktype != KG_TOK_SEAL_MSG) +- sign_usage = 15; +- break; +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- cksum_len = 20; +- break; +- default: ++ if (signalg != SGN_ALG_HMAC_MD5) { + *minor_status = 0; + return GSS_S_DEFECTIVE_TOKEN; + } + ++ cksum_len = 8; ++ if (toktype != KG_TOK_SEAL_MSG) ++ sign_usage = 15; ++ + if ((size_t)bodysize < 14 + cksum_len) { + *minor_status = 0; + return GSS_S_DEFECTIVE_TOKEN; +@@ -252,64 +245,53 @@ kg_unseal_v1(context, minor_status, ctx, ptr, bodysize, message_buffer, + /* compute the checksum of the message */ + + /* initialize the the cksum */ +- switch (signalg) { +- case SGN_ALG_HMAC_MD5: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; +- break; +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; +- break; +- default: +- abort (); +- } ++ if (signalg != SGN_ALG_HMAC_MD5) ++ abort(); ++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; + + code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen); + if (code) + return(code); + md5cksum.length = sumlen; + +- switch (signalg) { +- default: ++ if (signalg != SGN_ALG_HMAC_MD5) { + *minor_status = 0; + return(GSS_S_DEFECTIVE_TOKEN); +- +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- case SGN_ALG_HMAC_MD5: +- /* compute the checksum of the message */ +- +- /* 8 = bytes of token body to be checksummed according to spec */ +- +- if (! (data_ptr = xmalloc(8 + plainlen))) { +- if (sealalg != 0xffff) +- xfree(plain); +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = ENOMEM; +- return(GSS_S_FAILURE); +- } +- +- (void) memcpy(data_ptr, ptr-2, 8); +- +- (void) memcpy(data_ptr+8, plain, plainlen); +- +- plaind.length = 8 + plainlen; +- plaind.data = data_ptr; +- code = krb5_k_make_checksum(context, md5cksum.checksum_type, +- ctx->seq, sign_usage, +- &plaind, &md5cksum); +- xfree(data_ptr); +- +- if (code) { +- if (toktype == KG_TOK_SEAL_MSG) +- gssalloc_free(token.value); +- *minor_status = code; +- return(GSS_S_FAILURE); +- } +- +- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len); +- break; + } + ++ /* compute the checksum of the message */ ++ ++ /* 8 = bytes of token body to be checksummed according to spec */ ++ ++ if (! (data_ptr = xmalloc(8 + plainlen))) { ++ if (sealalg != 0xffff) ++ xfree(plain); ++ if (toktype == KG_TOK_SEAL_MSG) ++ gssalloc_free(token.value); ++ *minor_status = ENOMEM; ++ return(GSS_S_FAILURE); ++ } ++ ++ (void) memcpy(data_ptr, ptr-2, 8); ++ ++ (void) memcpy(data_ptr+8, plain, plainlen); ++ ++ plaind.length = 8 + plainlen; ++ plaind.data = data_ptr; ++ code = krb5_k_make_checksum(context, md5cksum.checksum_type, ++ ctx->seq, sign_usage, ++ &plaind, &md5cksum); ++ xfree(data_ptr); ++ ++ if (code) { ++ if (toktype == KG_TOK_SEAL_MSG) ++ gssalloc_free(token.value); ++ *minor_status = code; ++ return(GSS_S_FAILURE); ++ } ++ ++ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len); ++ + krb5_free_checksum_contents(context, &md5cksum); + if (sealalg != 0xffff) + xfree(plain); +diff --git a/src/lib/gssapi/krb5/k5unsealiov.c b/src/lib/gssapi/krb5/k5unsealiov.c +index 85a9574f3..3ce2a90ce 100644 +--- a/src/lib/gssapi/krb5/k5unsealiov.c ++++ b/src/lib/gssapi/krb5/k5unsealiov.c +@@ -102,28 +102,21 @@ kg_unseal_v1_iov(krb5_context context, + } + + if ((ctx->sealalg == SEAL_ALG_NONE && signalg > 1) || +- (ctx->sealalg == SEAL_ALG_DES3KD && +- signalg != SGN_ALG_HMAC_SHA1_DES3_KD)|| + (ctx->sealalg == SEAL_ALG_MICROSOFT_RC4 && + signalg != SGN_ALG_HMAC_MD5)) { + *minor_status = 0; + return GSS_S_DEFECTIVE_TOKEN; + } + +- switch (signalg) { +- case SGN_ALG_HMAC_MD5: +- cksum_len = 8; +- if (toktype != KG_TOK_WRAP_MSG) +- sign_usage = 15; +- break; +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- cksum_len = 20; +- break; +- default: ++ if (signalg != SGN_ALG_HMAC_MD5) { + *minor_status = 0; + return GSS_S_DEFECTIVE_TOKEN; + } + ++ cksum_len = 8; ++ if (toktype != KG_TOK_WRAP_MSG) ++ sign_usage = 15; ++ + /* get the token parameters */ + code = kg_get_seq_num(context, ctx->seq, ptr + 14, ptr + 6, &direction, + &seqnum); +@@ -181,16 +174,10 @@ kg_unseal_v1_iov(krb5_context context, + + /* initialize the checksum */ + +- switch (signalg) { +- case SGN_ALG_HMAC_MD5: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; +- break; +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- md5cksum.checksum_type = CKSUMTYPE_HMAC_SHA1_DES3; +- break; +- default: ++ if (signalg != SGN_ALG_HMAC_MD5) + abort(); +- } ++ ++ md5cksum.checksum_type = CKSUMTYPE_HMAC_MD5_ARCFOUR; + + code = krb5_c_checksum_length(context, md5cksum.checksum_type, &sumlen); + if (code != 0) { +@@ -209,18 +196,13 @@ kg_unseal_v1_iov(krb5_context context, + goto cleanup; + } + +- switch (signalg) { +- case SGN_ALG_HMAC_SHA1_DES3_KD: +- case SGN_ALG_HMAC_MD5: +- code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len); +- break; +- default: ++ if (signalg != SGN_ALG_HMAC_MD5) { + code = 0; + retval = GSS_S_DEFECTIVE_TOKEN; + goto cleanup; +- break; + } + ++ code = k5_bcmp(md5cksum.contents, ptr + 14, cksum_len); + if (code != 0) { + code = 0; + retval = GSS_S_BAD_SIG; +diff --git a/src/lib/gssapi/krb5/util_crypt.c b/src/lib/gssapi/krb5/util_crypt.c +index 84f194988..32150f5e3 100644 +--- a/src/lib/gssapi/krb5/util_crypt.c ++++ b/src/lib/gssapi/krb5/util_crypt.c +@@ -97,17 +97,6 @@ kg_setup_keys(krb5_context context, krb5_gss_ctx_id_rec *ctx, krb5_key subkey, + return code; + + switch (subkey->keyblock.enctype) { +- case ENCTYPE_DES3_CBC_SHA1: +- code = kg_copy_keys(context, ctx, subkey); +- if (code != 0) +- return code; +- +- ctx->enc->keyblock.enctype = ENCTYPE_DES3_CBC_RAW; +- ctx->seq->keyblock.enctype = ENCTYPE_DES3_CBC_RAW; +- ctx->signalg = SGN_ALG_HMAC_SHA1_DES3_KD; +- ctx->cksum_size = 20; +- ctx->sealalg = SEAL_ALG_DES3KD; +- break; + case ENCTYPE_ARCFOUR_HMAC: + case ENCTYPE_ARCFOUR_HMAC_EXP: + /* RFC 4121 accidentally omits RC4-HMAC-EXP as a "not-newer" enctype, +diff --git a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +index 740425c69..6b45f5f72 100644 +--- a/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/chpass-principal-v2.exp +@@ -53,10 +53,10 @@ proc test200 {} { + } + + # XXX Perhaps I should actually check the key type returned. +- if {$num_keys == 5} { ++ if {$num_keys == 4} { + pass "$test" + } else { +- fail "$test: $num_keys keys, should be 5" ++ fail "$test: $num_keys keys, should be 4" + } + if { ! [cmd {kadm5_destroy $server_handle}]} { + perror "$test: unexpected failure in destroy" +diff --git a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +index 3ea1ba29b..d2c6d1afa 100644 +--- a/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/get-principal-v2.exp +@@ -143,8 +143,8 @@ proc test101_102 {rpc} { + } + + set failed 0 +- if {$num_keys != 5} { +- fail "$test: num_keys $num_keys should be 5" ++ if {$num_keys != 4} { ++ fail "$test: num_keys $num_keys should be 4" + set failed 1 + } + for {set i 0} {$i < $num_keys} {incr i} { +diff --git a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp +index 2925c1c43..2f76c8b43 100644 +--- a/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp ++++ b/src/lib/kadm5/unit-test/api.current/randkey-principal-v2.exp +@@ -46,10 +46,10 @@ proc test100 {} { + } + + # XXX Perhaps I should actually check the key type returned. +- if {$num_keys == 5} { ++ if {$num_keys == 4} { + pass "$test" + } else { +- fail "$test: $num_keys keys, should be 5" ++ fail "$test: $num_keys keys, should be 4" + } + if { ! [cmd {kadm5_destroy $server_handle}]} { + perror "$test: unexpected failure in destroy" +diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c +index aa35baa3c..bfa99d9eb 100644 +--- a/src/lib/krb5/krb/init_ctx.c ++++ b/src/lib/krb5/krb/init_ctx.c +@@ -59,7 +59,6 @@ + static krb5_enctype default_enctype_list[] = { + ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, +- ENCTYPE_DES3_CBC_SHA1, + ENCTYPE_ARCFOUR_HMAC, + ENCTYPE_CAMELLIA128_CTS_CMAC, ENCTYPE_CAMELLIA256_CTS_CMAC, + 0 +@@ -467,8 +466,6 @@ krb5int_parse_enctype_list(krb5_context context, const char *profkey, + /* Set all enctypes in the default list. */ + for (i = 0; default_list[i]; i++) + mod_list(default_list[i], sel, weak, &list); +- } else if (strcasecmp(token, "des3") == 0) { +- mod_list(ENCTYPE_DES3_CBC_SHA1, sel, weak, &list); + } else if (strcasecmp(token, "aes") == 0) { + mod_list(ENCTYPE_AES256_CTS_HMAC_SHA1_96, sel, weak, &list); + mod_list(ENCTYPE_AES128_CTS_HMAC_SHA1_96, sel, weak, &list); +diff --git a/src/lib/krb5/krb/s4u_creds.c b/src/lib/krb5/krb/s4u_creds.c +index 44d113e7c..966278578 100644 +--- a/src/lib/krb5/krb/s4u_creds.c ++++ b/src/lib/krb5/krb/s4u_creds.c +@@ -288,8 +288,6 @@ verify_s4u2self_reply(krb5_context context, + assert(req_s4u_user != NULL); + + switch (subkey->enctype) { +- case ENCTYPE_DES3_CBC_SHA1: +- case ENCTYPE_DES3_CBC_RAW: + case ENCTYPE_ARCFOUR_HMAC: + case ENCTYPE_ARCFOUR_HMAC_EXP : + not_newer = TRUE; +diff --git a/src/lib/krb5/krb/t_etypes.c b/src/lib/krb5/krb/t_etypes.c +index 90c9f626c..935aca12f 100644 +--- a/src/lib/krb5/krb/t_etypes.c ++++ b/src/lib/krb5/krb/t_etypes.c +@@ -50,17 +50,6 @@ static struct { + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, + 0, 0 + }, +- /* Family followed by enctype */ +- { "aes des3-cbc-sha1-kd", +- { 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, +- ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, +- ENCTYPE_DES3_CBC_SHA1, 0 }, +- 0, 0 +- }, + /* Family with enctype removed */ + { "camellia -camellia256-cts-cmac", + { 0 }, +@@ -69,46 +58,15 @@ static struct { + }, + /* Default set with family added and enctype removed */ + { "DEFAULT +aes -arcfour-hmac-md5", +- { ENCTYPE_ARCFOUR_HMAC, ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96, ++ { ENCTYPE_ARCFOUR_HMAC, 0 }, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, + ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192, + ENCTYPE_AES128_CTS_HMAC_SHA256_128, 0 }, +- { ENCTYPE_DES3_CBC_SHA1, +- ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, ++ { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, + ENCTYPE_AES256_CTS_HMAC_SHA384_192, ENCTYPE_AES128_CTS_HMAC_SHA256_128, + 0 }, + 0, 0 + }, +- /* Default set with families removed and enctypes added (one redundant) */ +- { "DEFAULT -des3 rc4-hmac rc4-hmac-exp", +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_ARCFOUR_HMAC, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_ARCFOUR_HMAC, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC_EXP, 0 }, +- 0, 0 +- }, +- /* Default set with family moved to front */ +- { "des3 +DEFAULT", +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES128_CTS_HMAC_SHA1_96, +- ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96, +- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 }, +- { ENCTYPE_DES3_CBC_SHA1, ENCTYPE_AES256_CTS_HMAC_SHA1_96, +- ENCTYPE_AES128_CTS_HMAC_SHA1_96, 0 }, +- 0, 0 +- }, +- /* Two families with default set removed (exotic case), enctype added */ +- { "aes +rc4 -DEFaulT des3-hmac-sha1", +- { ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_DES3_CBC_SHA1, +- ENCTYPE_ARCFOUR_HMAC, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192, +- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 }, +- { ENCTYPE_AES256_CTS_HMAC_SHA1_96, ENCTYPE_AES256_CTS_HMAC_SHA384_192, +- ENCTYPE_AES128_CTS_HMAC_SHA256_128, ENCTYPE_DES3_CBC_SHA1, 0 }, +- 0, 0 +- }, + /* Test krb5_set_default_in_tkt_ktypes */ + { NULL, + { ENCTYPE_AES256_CTS_HMAC_SHA1_96, 0 }, +diff --git a/src/lib/krb5/os/t_trace.c b/src/lib/krb5/os/t_trace.c +index 10ba8d0ac..24064ffcf 100644 +--- a/src/lib/krb5/os/t_trace.c ++++ b/src/lib/krb5/os/t_trace.c +@@ -65,8 +65,8 @@ main (int argc, char *argv[]) + krb5_principal princ = &principal_data; + krb5_pa_data padata, padata2, **padatap; + krb5_enctype enctypes[4] = { +- ENCTYPE_DES3_CBC_SHA, ENCTYPE_ARCFOUR_HMAC_EXP, ENCTYPE_UNKNOWN, +- ENCTYPE_NULL}; ++ ENCTYPE_AES128_CTS_HMAC_SHA1_96, ENCTYPE_ARCFOUR_HMAC_EXP, ++ ENCTYPE_UNKNOWN, ENCTYPE_NULL}; + krb5_ccache ccache; + krb5_keytab keytab; + krb5_creds creds; +diff --git a/src/lib/krb5/os/t_trace.ref b/src/lib/krb5/os/t_trace.ref +index 044a66999..98fb14f3f 100644 +--- a/src/lib/krb5/os/t_trace.ref ++++ b/src/lib/krb5/os/t_trace.ref +@@ -41,7 +41,7 @@ int, krb5_principal type: ? + krb5_pa_data **, display list of padata type numbers: PA-PW-SALT (3), 0 + krb5_pa_data **, display list of padata type numbers: (empty) + krb5_enctype, display shortest name of enctype: aes128-cts +-krb5_enctype *, display list of enctypes: 5, rc4-hmac-exp, 511 ++krb5_enctype *, display list of enctypes: aes128-cts, rc4-hmac-exp, 511 + krb5_enctype *, display list of enctypes: (empty) + krb5_ccache, display type:name: FILE:/path/to/ccache + krb5_keytab, display name: FILE:/etc/krb5.keytab +diff --git a/src/plugins/preauth/pkinit/pkcs11.h b/src/plugins/preauth/pkinit/pkcs11.h +index e3d284631..586661bb7 100644 +--- a/src/plugins/preauth/pkinit/pkcs11.h ++++ b/src/plugins/preauth/pkinit/pkcs11.h +@@ -339,9 +339,9 @@ typedef unsigned long ck_key_type_t; + #define CKK_GENERIC_SECRET (0x10) + #define CKK_RC2 (0x11) + #define CKK_RC4 (0x12) +-#define CKK_DES (0x13) +-#define CKK_DES2 (0x14) +-#define CKK_DES3 (0x15) ++/* #define CKK_DES (0x13) */ ++/* #define CKK_DES2 (0x14) */ ++/* #define CKK_DES3 (0x15) */ + #define CKK_CAST (0x16) + #define CKK_CAST3 (0x17) + #define CKK_CAST128 (0x18) +diff --git a/src/plugins/preauth/pkinit/pkinit_clnt.c b/src/plugins/preauth/pkinit/pkinit_clnt.c +index 2817cc213..a385da7c3 100644 +--- a/src/plugins/preauth/pkinit/pkinit_clnt.c ++++ b/src/plugins/preauth/pkinit/pkinit_clnt.c +@@ -212,14 +212,6 @@ pkinit_as_req_create(krb5_context context, + auth_pack.clientPublicValue = &info; + auth_pack.supportedKDFs = (krb5_data **)supported_kdf_alg_ids; + +- /* add List of CMS algorithms */ +- retval = create_krb5_supportedCMSTypes(context, plgctx->cryptoctx, +- reqctx->cryptoctx, +- reqctx->idctx, &cmstypes); +- auth_pack.supportedCMSTypes = cmstypes; +- if (retval) +- goto cleanup; +- + switch(protocol) { + case DH_PROTOCOL: + TRACE_PKINIT_CLIENT_REQ_DH(context); +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto.h b/src/plugins/preauth/pkinit/pkinit_crypto.h +index 77d5c61fe..1f9868351 100644 +--- a/src/plugins/preauth/pkinit/pkinit_crypto.h ++++ b/src/plugins/preauth/pkinit/pkinit_crypto.h +@@ -380,18 +380,6 @@ krb5_error_code server_process_dh + unsigned int *server_key_len_out); /* OUT + receives length of DH secret key */ + +-/* +- * this functions takes in crypto specific representation of +- * supportedCMSTypes and creates a list of +- * krb5_algorithm_identifier +- */ +-krb5_error_code create_krb5_supportedCMSTypes +- (krb5_context context, /* IN */ +- pkinit_plg_crypto_context plg_cryptoctx, /* IN */ +- pkinit_req_crypto_context req_cryptoctx, /* IN */ +- pkinit_identity_crypto_context id_cryptoctx, /* IN */ +- krb5_algorithm_identifier ***supportedCMSTypes); /* OUT */ +- + /* + * this functions takes in crypto specific representation of + * trustedCertifiers and creates a list of +diff --git a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +index e5940a513..e1153344e 100644 +--- a/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c ++++ b/src/plugins/preauth/pkinit/pkinit_crypto_openssl.c +@@ -5486,44 +5486,6 @@ cleanup: + return retval; + } + +-krb5_error_code +-create_krb5_supportedCMSTypes(krb5_context context, +- pkinit_plg_crypto_context plg_cryptoctx, +- pkinit_req_crypto_context req_cryptoctx, +- pkinit_identity_crypto_context id_cryptoctx, +- krb5_algorithm_identifier ***oids) +-{ +- +- krb5_error_code retval = ENOMEM; +- krb5_algorithm_identifier **loids = NULL; +- krb5_data des3oid = {0, 8, "\x2A\x86\x48\x86\xF7\x0D\x03\x07" }; +- +- *oids = NULL; +- loids = malloc(2 * sizeof(krb5_algorithm_identifier *)); +- if (loids == NULL) +- goto cleanup; +- loids[1] = NULL; +- loids[0] = malloc(sizeof(krb5_algorithm_identifier)); +- if (loids[0] == NULL) { +- free(loids); +- goto cleanup; +- } +- retval = pkinit_copy_krb5_data(&loids[0]->algorithm, &des3oid); +- if (retval) { +- free(loids[0]); +- free(loids); +- goto cleanup; +- } +- loids[0]->parameters.length = 0; +- loids[0]->parameters.data = NULL; +- +- *oids = loids; +- retval = 0; +-cleanup: +- +- return retval; +-} +- + krb5_error_code + create_krb5_trustedCertifiers(krb5_context context, + pkinit_plg_crypto_context plg_cryptoctx, +diff --git a/src/plugins/preauth/pkinit/pkinit_kdf_test.c b/src/plugins/preauth/pkinit/pkinit_kdf_test.c +index 7acbd0d28..cd998a29a 100644 +--- a/src/plugins/preauth/pkinit/pkinit_kdf_test.c ++++ b/src/plugins/preauth/pkinit/pkinit_kdf_test.c +@@ -49,7 +49,6 @@ char eighteen_bs[9]; + char party_u_name[] = "lha@SU.SE"; + char party_v_name[] = "krbtgt/SU.SE@SU.SE"; + int enctype_aes = ENCTYPE_AES256_CTS_HMAC_SHA1_96; +-int enctype_des3 = ENCTYPE_DES3_CBC_SHA1; + const krb5_data lha_data = DATA_FROM_STRING("lha"); + + krb5_octet key1_hex[] = +@@ -185,36 +184,6 @@ main(int argc, char **argv) + goto cleanup; + } + +- /* TEST 3: SHA-512/DES3 */ +- /* set up algorithm id */ +- alg_id.algorithm.data = (char *)krb5_pkinit_sha512_oid; +- alg_id.algorithm.length = krb5_pkinit_sha512_oid_len; +- +- enctype = enctype_des3; +- +- /* call pkinit_alg_agility_kdf() with test vector values*/ +- if (0 != (retval = pkinit_alg_agility_kdf(context, &secret, +- &alg_id.algorithm, +- u_principal, v_principal, +- enctype, &as_req, &pk_as_rep, +- &key_block))) { +- printf("ERROR in pkinit_kdf_test: kdf call failed, retval = %d", +- retval); +- goto cleanup; +- } +- +- /* compare key to expected key value */ +- +- if ((key_block.length == sizeof(key3_hex)) && +- (0 == memcmp(key_block.contents, key3_hex, key_block.length))) { +- printf("SUCCESS: TEST 3 (SHA-512/DES3), Correct key value generated.\n"); +- retval = 0; +- } else { +- printf("FAILURE: TEST 2 (SHA-512/DES3), Incorrect key value generated!\n"); +- retval = 1; +- goto cleanup; +- } +- + cleanup: + /* release all allocated resources, whether good or bad return */ + free(secret.data); +diff --git a/src/plugins/preauth/spake/t_vectors.c b/src/plugins/preauth/spake/t_vectors.c +index 2279202d3..96b0307d7 100644 +--- a/src/plugins/preauth/spake/t_vectors.c ++++ b/src/plugins/preauth/spake/t_vectors.c +@@ -56,31 +56,6 @@ struct test { + const char *K2; + const char *K3; + } tests[] = { +- { ENCTYPE_DES3_CBC_SHA1, SPAKE_GROUP_EDWARDS25519, +- /* initial key, w, x, y, T, S, K */ +- "850BB51358548CD05E86768C313E3BFEF7511937DCF72C3E", +- "686D84730CB8679AE95416C6567C6A63F2C9CEF124F7A3371AE81E11CAD42A37", +- "201012D07BFD48DDFA33C4AAC4FB1E229FB0D043CFE65EBFB14399091C71A723", +- "500B294797B8B042ACA1BEDC0F5931A4F52C537B3608B2D05CC8A2372F439F25", +- "18F511E750C97B592ACD30DB7D9E5FCA660389102E6BF610C1BFBED4616C8362", +- "5D10705E0D1E43D5DBF30240CCFBDE4A0230C70D4C79147AB0B317EDAD2F8AE7", +- "25BDE0D875F0FEB5755F45BA5E857889D916ECF7476F116AA31DC3E037EC4292", +- /* support, challenge, thash, body */ +- "A0093007A0053003020101", +- "A1363034A003020101A122042018F511E750C97B592ACD30DB7D9E5FCA660389" +- "102E6BF610C1BFBED4616C8362A20930073005A003020101", +- "EAAA08807D0616026FF51C849EFBF35BA0CE3C5300E7D486DA46351B13D4605B", +- "3075A00703050000000000A1143012A003020101A10B30091B07726165627572" +- "6EA2101B0E415448454E412E4D49542E454455A3233021A003020102A11A3018" +- "1B066B72627467741B0E415448454E412E4D49542E454455A511180F31393730" +- "303130313030303030305AA703020100A8053003020110", +- /* K'[0], K'[1], K'[2], K'[3] */ +- "BAF12FAE7CD958CBF1A29BFBC71F89CE49E03E295D89DAFD", +- "64F73DD9C41908206BCEC1F719026B574F9D13463D7A2520", +- "0454520B086B152C455829E6BAEFF78A61DFE9E3D04A895D", +- "4A92260B25E3EF94C125D5C24C3E5BCED5B37976E67F25C4", +- }, +- + { ENCTYPE_ARCFOUR_HMAC, SPAKE_GROUP_EDWARDS25519, + /* initial key, w, x, y, T, S, K */ + "8846F7EAEE8FB117AD06BDD830B7586C", +diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp +index 85bbf478a..302dee74c 100644 +--- a/src/tests/dejagnu/config/default.exp ++++ b/src/tests/dejagnu/config/default.exp +@@ -15,8 +15,6 @@ set timeout 100 + set stty_init {erase \^h kill \^u} + set env(TERM) dumb + +-set des3_krbtgt 0 +- + if { [string length $VALGRIND] } { + rename spawn valgrind_aux_spawn + proc spawn { args } { +@@ -105,17 +103,9 @@ if { $PRIOCNTL_HACK } { + # particularly with regards to encryption types. + + set passes { +- { +- des3 +- mode=udp +- des3_krbtgt=1 +- {supported_enctypes=des3-cbc-sha1:normal} +- {dummy=[verbose -log "DES3 TGT, DES3 enctype"]} +- } + { + aes-only + mode=udp +- des3_krbtgt=0 + {supported_enctypes=aes256-cts-hmac-sha1-96:normal} + {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96} + {permitted_enctypes(client)=aes256-cts-hmac-sha1-96} +@@ -130,7 +120,6 @@ set passes { + { + aes-sha2-only + mode=udp +- des3_krbtgt=0 + {supported_enctypes=aes256-sha2:normal} + {permitted_enctypes(kdc)=aes256-sha2} + {permitted_enctypes(replica)=aes256-sha2} +@@ -146,7 +135,6 @@ set passes { + { + camellia-only + mode=udp +- des3_krbtgt=0 + {supported_enctypes=camellia256-cts:normal} + {permitted_enctypes(kdc)=camellia256-cts} + {permitted_enctypes(replica)=camellia256-cts} +@@ -159,32 +147,9 @@ set passes { + {master_key_type=camellia256-cts} + {dummy=[verbose -log "Camellia-256 enctype"]} + } +- { +- aes-des3 +- mode=udp +- des3_krbtgt=0 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {master_key_type=aes256-cts-hmac-sha1-96} +- {dummy=[verbose -log "AES + DES3 + DES enctypes"]} +- } +- { +- aes-des3tgt +- mode=udp +- des3_krbtgt=1 +- {supported_enctypes=aes256-cts-hmac-sha1-96:normal des3-cbc-sha1:normal} +- {permitted_enctypes(kdc)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {permitted_enctypes(client)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {permitted_enctypes(server)=aes256-cts-hmac-sha1-96 des3-cbc-sha1} +- {master_key_type=aes256-cts-hmac-sha1-96} +- {dummy=[verbose -log "AES enctypes, DES3 TGT"]} +- } + { + all-enctypes + mode=udp +- des3_krbtgt=0 + {allow_weak_crypto(kdc)=false} + {allow_weak_crypto(replica)=false} + {allow_weak_crypto(client)=false} +@@ -946,7 +911,6 @@ proc setup_kerberos_db { standalone } { + global REALMNAME KDB5_UTIL KADMIN_LOCAL KEY + global tmppwd hostname + global spawn_id +- global des3_krbtgt + global multipass_name last_passname_db + + set failall 0 +@@ -1143,48 +1107,6 @@ proc setup_kerberos_db { standalone } { + } + } + +- if $des3_krbtgt { +- # Set the TGT key to DES3. +- set test "kadmin.local TGT to DES3" +- set body { +- if $failall { +- break +- } +- spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal +- verbose "starting $test" +- expect_after $def_exp_after +- +- expect "kadmin.local: " +- send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" +- # It echos... +- expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" +- expect { +- "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { } +- } +- expect "kadmin.local: " +- send "quit\r" +- expect eof +- catch expect_after +- if ![check_exit_status kadmin_local] { +- break +- } +- } +- set ret [catch $body] +- catch "expect eof" +- catch expect_after +- if $ret { +- set failall 1 +- if $standalone { +- fail $test +- } else { +- delete_db +- } +- } else { +- if $standalone { +- pass $test +- } +- } +- } + envstack_pop + + # create the admin database lock file +diff --git a/src/tests/dejagnu/krb-standalone/kprop.exp b/src/tests/dejagnu/krb-standalone/kprop.exp +index 661e3fd9a..2b8f60045 100644 +--- a/src/tests/dejagnu/krb-standalone/kprop.exp ++++ b/src/tests/dejagnu/krb-standalone/kprop.exp +@@ -54,7 +54,7 @@ proc doit { } { + global REALMNAME KEY + global KADMIN_LOCAL KTUTIL KDB5_UTIL KPROPLOG KPROP kpropd_spawn_id + global hostname tmppwd spawn_id timeout +- global KRBIV supported_enctypes portbase mode ulog des3_krbtgt ++ global KRBIV supported_enctypes portbase mode ulog + + # Delete any db, ulog files + delete_db +diff --git a/src/tests/gssapi/t_enctypes.py b/src/tests/gssapi/t_enctypes.py +index 7494d7fcd..2f95d8996 100755 +--- a/src/tests/gssapi/t_enctypes.py ++++ b/src/tests/gssapi/t_enctypes.py +@@ -1,24 +1,17 @@ + from k5test import * + +-# Define some convenience abbreviations for enctypes we will see in +-# test program output. For background, aes256 and aes128 are "CFX +-# enctypes", meaning that they imply support for RFC 4121, while des3 +-# and rc4 are not. DES3 keys will appear as 'des3-cbc-raw' in +-# t_enctypes output because that's how GSSAPI does raw triple-DES +-# encryption without the RFC3961 framing. ++# Define some convenience abbreviations for enctypes we will see in test ++# program output. For background, aes256 and aes128 are "CFX enctypes", ++# meaning that they imply support for RFC 4121, while rc4 does not. + aes256 = 'aes256-cts-hmac-sha1-96' + aes128 = 'aes128-cts-hmac-sha1-96' +-des3 = 'des3-cbc-sha1' +-d_des3 = 'DEPRECATED:des3-cbc-sha1' +-des3raw = 'des3-cbc-raw' +-d_des3raw = 'DEPRECATED:des3-cbc-raw' + rc4 = 'arcfour-hmac' + d_rc4 = 'DEPRECATED:arcfour-hmac' + + # These tests make assumptions about the default enctype lists, so set + # them explicitly rather than relying on the library defaults. +-supp='aes256-cts:normal aes128-cts:normal des3-cbc-sha1:normal rc4-hmac:normal' +-conf = {'libdefaults': {'permitted_enctypes': 'aes des3 rc4'}, ++supp='aes256-cts:normal aes128-cts:normal rc4-hmac:normal' ++conf = {'libdefaults': {'permitted_enctypes': 'aes rc4'}, + 'realms': {'$realm': {'supported_enctypes': supp}}} + realm = K5Realm(krb5_conf=conf) + shutil.copyfile(realm.ccache, os.path.join(realm.testdir, 'save')) +@@ -87,19 +80,12 @@ test('both aes128', 'aes128-cts', 'aes128-cts', + test_err('acc aes128', None, 'aes128-cts', + 'Encryption type aes256-cts-hmac-sha1-96 not permitted') + +-# If the initiator constrains the permitted session enctypes to des3, +-# no acceptor subkey will be generated because we can't upgrade to a +-# CFX enctype. +-test('init des3', 'des3', None, +- tktenc=aes256, tktsession=d_des3, +- proto='rfc1964', isubkey=des3raw, asubkey=None) +- + # Force the ticket session key to be rc4, so we can test some subkey + # upgrade cases. The ticket encryption key remains aes256. + realm.run([kadminl, 'setstr', realm.host_princ, 'session_enctypes', 'rc4']) + + # With no arguments, the initiator should send an upgrade list of +-# [aes256 aes128 des3] and the acceptor should upgrade to an aes256 ++# [aes256 aes128] and the acceptor should upgrade to an aes256 + # subkey. + test('upgrade noargs', None, None, + tktenc=aes256, tktsession=d_rc4, +@@ -115,13 +101,6 @@ test('upgrade init aes128+rc4', 'aes128-cts rc4', None, + tktenc=aes256, tktsession=d_rc4, + proto='cfx', isubkey=rc4, asubkey=aes128) + +-# If the initiator permits rc4 but prefers des3, it will send an +-# upgrade list of [des3], but the acceptor won't generate a subkey +-# because des3 isn't a CFX enctype. +-test('upgrade init des3+rc4', 'des3 rc4', None, +- tktenc=aes256, tktsession=d_rc4, +- proto='rfc1964', isubkey=rc4, asubkey=None) +- + # If the acceptor permits only aes128, subkey negotiation will fail + # because the ticket session key and initiator subkey are + # non-permitted. (This is unfortunate if the acceptor's restriction +diff --git a/src/tests/gssapi/t_invalid.c b/src/tests/gssapi/t_invalid.c +index 9876a11e6..fb8fe5511 100644 +--- a/src/tests/gssapi/t_invalid.c ++++ b/src/tests/gssapi/t_invalid.c +@@ -84,18 +84,6 @@ struct test { + size_t toklen; + const char *token; + } tests[] = { +- { +- ENCTYPE_DES3_CBC_SHA1, ENCTYPE_DES3_CBC_RAW, +- SEAL_ALG_DES3KD, SGN_ALG_HMAC_SHA1_DES3_KD, 20, +- 24, +- "\x4F\xEA\x19\x19\x5E\x0E\x10\xDF\x3D\x29\xB5\x13\x8F\x01\xC7\xA7" +- "\x92\x3D\x38\xF7\x26\x73\x0D\x6D", +- 65, +- "\x60\x3F\x06\x09\x2A\x86\x48\x86\xF7\x12\x01\x02\x02\x02\x01\x04" +- "\x00\x02\x00\xFF\xFF\xEB\xF3\x9A\x89\x24\x57\xB8\x63\x95\x25\xE8" +- "\x6E\x8E\x79\xE6\x2E\xCA\xD3\xFF\x57\x9F\x8C\xAB\xEF\xDD\x28\x10" +- "\x2F\x93\x21\x2E\xF2\x52\xB6\x6F\xA8\xBB\x8A\x6D\xAA\x6F\xB7\xF4\xD4" +- }, + { + ENCTYPE_ARCFOUR_HMAC, ENCTYPE_ARCFOUR_HMAC, + SEAL_ALG_MICROSOFT_RC4, SGN_ALG_HMAC_MD5, 8, +diff --git a/src/tests/gssapi/t_pcontok.c b/src/tests/gssapi/t_pcontok.c +index 7368f752f..bf22bd3da 100644 +--- a/src/tests/gssapi/t_pcontok.c ++++ b/src/tests/gssapi/t_pcontok.c +@@ -43,7 +43,6 @@ + #include "k5-int.h" + #include "common.h" + +-#define SGN_ALG_HMAC_SHA1_DES3_KD 0x04 + #define SGN_ALG_HMAC_MD5 0x11 + + /* +@@ -77,17 +76,12 @@ make_delete_token(gss_krb5_lucid_context_v1_t *lctx, gss_buffer_desc *out) + ret = krb5_k_create_key(context, &seqkb, &seq); + check_k5err(context, "krb5_k_create_key", ret); + +- if (signalg == SGN_ALG_HMAC_SHA1_DES3_KD) { +- cktype = CKSUMTYPE_HMAC_SHA1_DES3; +- cksize = 20; +- ckusage = 23; +- } else if (signalg == SGN_ALG_HMAC_MD5) { +- cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR; +- cksize = 8; +- ckusage = 15; +- } else { ++ if (signalg != SGN_ALG_HMAC_MD5) + abort(); +- } ++ ++ cktype = CKSUMTYPE_HMAC_MD5_ARCFOUR; ++ cksize = 8; ++ ckusage = 15; + + tlen = 20 + mech_krb5.length + cksize; + token = malloc(tlen); +diff --git a/src/tests/gssapi/t_prf.c b/src/tests/gssapi/t_prf.c +index f71774cdc..d1857c433 100644 +--- a/src/tests/gssapi/t_prf.c ++++ b/src/tests/gssapi/t_prf.c +@@ -41,13 +41,6 @@ static struct { + const char *key2; + const char *out2; + } tests[] = { +- { ENCTYPE_DES3_CBC_SHA1, +- "70378A19CD64134580C27C0115D6B34A1CF2FEECEF9886A2", +- "9F8D127C520BB826BFF3E0FE5EF352389C17E0C073D9" +- "AC4A333D644D21BA3EF24F4A886D143F85AC9F6377FB", +- "3452A167DF1094BA1089E0A20E9E51ABEF1525922558B69E", +- "6BF24FABC858F8DD9752E4FCD331BB831F238B5BE190" +- "4EEA42E38F7A60C588F075C5C96A67E7F8B7BD0AECF4" }, + { ENCTYPE_ARCFOUR_HMAC, + "3BB3AE288C12B3B9D06B208A4151B3B6", + "9AEA11A3BCF3C53F1F91F5A0BA2132E2501ADF5F3C28" +diff --git a/src/tests/t_authdata.py b/src/tests/t_authdata.py +index 3fa957ad2..2e01f46bc 100644 +--- a/src/tests/t_authdata.py ++++ b/src/tests/t_authdata.py +@@ -174,7 +174,7 @@ realm.run([kvno, 'restricted']) + # preferred krbtgt enctype changes. + mark('#8139 regression test') + realm.kinit(realm.user_princ, password('user'), ['-f']) +-realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'des3-cbc-sha1', ++realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-sha2', + realm.krbtgt_princ]) + realm.run(['./forward']) + realm.run([kvno, realm.host_princ]) +diff --git a/src/tests/t_etype_info.py b/src/tests/t_etype_info.py +index c982508d8..96e90a69d 100644 +--- a/src/tests/t_etype_info.py ++++ b/src/tests/t_etype_info.py +@@ -1,6 +1,6 @@ + from k5test import * + +-supported_enctypes = 'aes128-cts des3-cbc-sha1 rc4-hmac' ++supported_enctypes = 'aes128-cts rc4-hmac' + conf = {'libdefaults': {'allow_weak_crypto': 'true'}, + 'realms': {'$realm': {'supported_enctypes': supported_enctypes}}} + realm = K5Realm(create_host=False, get_creds=False, krb5_conf=conf) +@@ -26,9 +26,9 @@ def test_etinfo(princ, enctypes, expected_lines): + # With no newer enctypes in the request, PA-ETYPE-INFO2, + # PA-ETYPE-INFO, and PA-PW-SALT appear in the AS-REP, each listing one + # key for the most preferred matching enctype. +-test_etinfo('user', 'rc4-hmac-exp des3 rc4', +- ['asrep etype_info2 des3-cbc-sha1 KRBTEST.COMuser', +- 'asrep etype_info des3-cbc-sha1 KRBTEST.COMuser', ++test_etinfo('user', 'rc4-hmac-exp rc4', ++ ['asrep etype_info2 rc4-hmac KRBTEST.COMuser', ++ 'asrep etype_info rc4-hmac KRBTEST.COMuser', + 'asrep pw_salt KRBTEST.COMuser']) + + # With a newer enctype in the request (even if it is not the most +@@ -39,9 +39,9 @@ test_etinfo('user', 'rc4 aes256-cts', + + # In preauth-required errors, PA-PW-SALT does not appear, but the same + # etype-info2 values are expected. +-test_etinfo('preauthuser', 'rc4-hmac-exp des3 rc4', +- ['error etype_info2 des3-cbc-sha1 KRBTEST.COMpreauthuser', +- 'error etype_info des3-cbc-sha1 KRBTEST.COMpreauthuser']) ++test_etinfo('preauthuser', 'rc4-hmac-exp rc4', ++ ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser', ++ 'error etype_info rc4-hmac KRBTEST.COMpreauthuser']) + test_etinfo('preauthuser', 'rc4 aes256-cts', + ['error etype_info2 rc4-hmac KRBTEST.COMpreauthuser']) + +@@ -50,8 +50,8 @@ test_etinfo('preauthuser', 'rc4 aes256-cts', + # (to allow for preauth mechs which don't depend on long-term keys). + # An AS-REP cannot be generated without preauth as there is no reply + # key. +-test_etinfo('rc4user', 'des3', []) +-test_etinfo('nokeyuser', 'des3', []) ++test_etinfo('rc4user', 'aes128-cts', []) ++test_etinfo('nokeyuser', 'aes128-cts', []) + + # Verify that etype-info2 is included in a MORE_PREAUTH_DATA_REQUIRED + # error if the client does optimistic preauth. +diff --git a/src/tests/t_keyrollover.py b/src/tests/t_keyrollover.py +index 2c825a692..f29e0d550 100755 +--- a/src/tests/t_keyrollover.py ++++ b/src/tests/t_keyrollover.py +@@ -37,9 +37,9 @@ realm.run([klist, '-e'], expected_msg=msg) + + # Test that the KDC only accepts the first enctype for a kvno, for a + # local-realm TGS request. To set this up, we abuse an edge-case +-# behavior of modprinc -kvno. First, set up a DES3 krbtgt entry at ++# behavior of modprinc -kvno. First, set up an aes128-sha2 krbtgt entry at + # kvno 1 and cache a krbtgt ticket. +-realm.run([kadminl, 'cpw', '-randkey', '-e', 'des3-cbc-sha1', ++realm.run([kadminl, 'cpw', '-randkey', '-e', 'aes128-cts-hmac-sha256-128', + realm.krbtgt_princ]) + realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ]) + realm.kinit(realm.user_princ, password('user')) +@@ -50,9 +50,9 @@ realm.run([kadminl, 'cpw', '-randkey', '-keepold', '-e', 'aes256-cts', + realm.run([kadminl, 'modprinc', '-kvno', '1', realm.krbtgt_princ]) + out = realm.run([kadminl, 'getprinc', realm.krbtgt_princ]) + if 'vno 1, aes256-cts' not in out or \ +- 'vno 1, DEPRECATED:des3-cbc-sha1' not in out: ++ 'vno 1, aes128-cts-hmac-sha256-128' not in out: + fail('keyrollover: setup for TGS enctype test failed') +-# Now present the DES3 ticket to the KDC and make sure it's rejected. ++# Now present the aes128-sha2 ticket to the KDC and make sure it's rejected. + realm.run([kvno, realm.host_princ], expected_code=1) + + realm.stop() +diff --git a/src/tests/t_mkey.py b/src/tests/t_mkey.py +index 32f4070bc..da0ed1831 100755 +--- a/src/tests/t_mkey.py ++++ b/src/tests/t_mkey.py +@@ -7,7 +7,6 @@ import struct + # default enctype for master keys. + aes256 = 'aes256-cts-hmac-sha1-96' + aes128 = 'aes128-cts-hmac-sha1-96' +-des3 = 'des3-cbc-sha1' + defetype = aes256 + + realm = K5Realm(create_host=False, start_kadmind=True) +@@ -300,40 +299,6 @@ if 'Decrypt integrity check failed' in out or 'added to keytab' not in out: + + realm.stop() + +-# Load a dump file created with krb5 1.6, before the master key +-# rollover changes were introduced. Write out an old-format stash +-# file consistent with the dump's master password ("footes"). The K/M +-# entry in this database will not have actkvno tl-data because it was +-# created prior to master key rollover support. Verify that: +-# 1. We can access the database using the old-format stash file. +-# 2. list_mkeys displays the same list as for a post-1.7 KDB. +-mark('pre-1.7 stash file') +-dumpfile = os.path.join(srctop, 'tests', 'dumpfiles', 'dump.16') +-os.remove(stash_file) +-f = open(stash_file, 'wb') +-f.write(struct.pack('=HL24s', 16, 24, +- b'\xF8\x3E\xFB\xBA\x6D\x80\xD9\x54\xE5\x5D\xF2\xE0' +- b'\x94\xAD\x6D\x86\xB5\x16\x37\xEC\x7C\x8A\xBC\x86')) +-f.close() +-realm.run([kdb5_util, 'load', dumpfile]) +-nprincs = len(realm.run([kadminl, 'listprincs']).splitlines()) +-check_mkvno('K/M', 1) +-check_mkey_list((1, des3, True, True)) +- +-# Create a new master key and verify that, without actkvkno tl-data: +-# 1. list_mkeys displays the same as for a post-1.7 KDB. +-# 2. update_princ_encryption still targets mkvno 1. +-# 3. libkadm5 still uses mkvno 1 for key changes. +-# 4. use_mkey creates the same list as for a post-1.7 KDB. +-mark('rollover from pre-1.7 KDB') +-add_mkey([]) +-check_mkey_list((2, defetype, False, False), (1, des3, True, True)) +-update_princ_encryption(False, 1, 0, nprincs - 1) +-realm.run([kadminl, 'addprinc', '-randkey', realm.user_princ]) +-check_mkvno(realm.user_princ, 1) +-realm.run([kdb5_util, 'use_mkey', '2', 'now-1day']) +-check_mkey_list((2, defetype, True, True), (1, des3, True, False)) +- + # Regression test for #8395. Purge the master key and verify that a + # master key fetch does not segfault. + mark('#8395 regression test') +diff --git a/src/tests/t_salt.py b/src/tests/t_salt.py +index 65084bbf3..55ca89745 100755 +--- a/src/tests/t_salt.py ++++ b/src/tests/t_salt.py +@@ -16,13 +16,12 @@ def test_salt(realm, e1, salt, e2): + + # Enctype/salt pairs chosen with non-default salt types. + # The enctypes are mostly arbitrary. +-salts = [('des3-cbc-sha1', 'norealm'), ++salts = [('aes128-cts-hmac-sha1-96', 'norealm'), + ('arcfour-hmac', 'onlyrealm'), + ('aes128-cts-hmac-sha1-96', 'special')] + # These enctypes are chosen to cover the different string-to-key routines. + # Omit ":normal" from aes256 to check that salttype defaulting works. +-second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal', +- 'des3-cbc-sha1:normal'] ++second_kstypes = ['aes256-cts-hmac-sha1-96', 'arcfour-hmac:normal'] + + # Test using different salt types in a principal's key list. + # Parameters from one key in the list must not leak over to later ones. +diff --git a/src/util/k5test.py b/src/util/k5test.py +index 6afe4b92c..789b0f4b9 100644 +--- a/src/util/k5test.py ++++ b/src/util/k5test.py +@@ -1278,13 +1278,6 @@ _passes = [ + # No special settings; exercises AES256. + ('default', None, None, None), + +- # Exercise the DES3 enctype. +- ('des3', None, +- {'libdefaults': {'permitted_enctypes': 'des3'}}, +- {'realms': {'$realm': { +- 'supported_enctypes': 'des3-cbc-sha1:normal', +- 'master_key_type': 'des3-cbc-sha1'}}}), +- + # Exercise the arcfour enctype. + ('arcfour', None, + {'libdefaults': {'permitted_enctypes': 'rc4'}}, +diff --git a/src/windows/leash/htmlhelp/html/Encryption_Types.htm b/src/windows/leash/htmlhelp/html/Encryption_Types.htm +index 1aebdd0b4..c38eefd2b 100644 +--- a/src/windows/leash/htmlhelp/html/Encryption_Types.htm ++++ b/src/windows/leash/htmlhelp/html/Encryption_Types.htm +@@ -79,19 +79,6 @@ will have an entry in the Encryption type column.
+ Description + + +- des3- +- The triple DES family improves on +-the original DES (Data Encryption Standard) by using 3 separate 56-bit +-keys. Some modes of 3DES are considered weak while others are strong +-(if slow).
    +-
  • des3-cbc-sha1
  • +-
  • des3-cbc-raw (weak)
  • +-
  • des3-hmac-sha1
  • +-
  • des3-cbc-sha1-kd
  • +-
+- +- +- + aes + The AES Advanced Encryption Standard + family, like 3DES, is a symmetric block cipher and was designed diff --git a/SOURCES/downstream-SELinux-integration.patch b/SOURCES/downstream-SELinux-integration.patch new file mode 100644 index 0000000..0ba8b6c --- /dev/null +++ b/SOURCES/downstream-SELinux-integration.patch @@ -0,0 +1,1034 @@ +From e787771b618a344d45ac515927e914602f48946f Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 23 Aug 2016 16:30:53 -0400 +Subject: [PATCH] [downstream] SELinux integration + +SELinux bases access to files on the domain of the requesting process, +the operation being performed, and the context applied to the file. + +In many cases, applications needn't be SELinux aware to work properly, +because SELinux can apply a default label to a file based on the label +of the directory in which it's created. + +In the case of files such as /etc/krb5.keytab, however, this isn't +sufficient, as /etc/krb5.keytab will almost always need to be given a +label which differs from that of /etc/issue or /etc/resolv.conf. The +the kdb stash file needs a different label than the database for which +it's holding a master key, even though both typically live in the same +directory. + +To give the file the correct label, we can either force a "restorecon" +call to fix a file's label after it's created, or create the file with +the right label, as we attempt to do here. We lean on THREEPARAMOPEN +and define a similar macro named WRITABLEFOPEN with which we replace +several uses of fopen(). + +The file creation context that we're manipulating here is a process-wide +attribute. While for the most part, applications which need to label +files when they're created have tended to be single-threaded, there's +not much we can do to avoid interfering with an application that +manipulates the creation context directly. Right now we're mediating +access using a library-local mutex, but that can only work for consumers +that are part of this package -- an unsuspecting application will still +stomp all over us. + +The selabel APIs for looking up the context should be thread-safe (per +Red Hat #273081), so switching to using them instead of matchpathcon(), +which we used earlier, is some improvement. + +Last-updated: krb5-1.18-beta1 +--- + src/aclocal.m4 | 48 +++ + src/build-tools/krb5-config.in | 3 +- + src/config/pre.in | 3 +- + src/configure.ac | 2 + + src/include/k5-int.h | 1 + + src/include/k5-label.h | 32 ++ + src/include/krb5/krb5.hin | 6 + + src/kadmin/dbutil/dump.c | 11 +- + src/kdc/main.c | 2 +- + src/kprop/kpropd.c | 9 + + src/lib/kadm5/logger.c | 4 +- + src/lib/kdb/kdb_log.c | 2 +- + src/lib/krb5/ccache/cc_dir.c | 26 +- + src/lib/krb5/keytab/kt_file.c | 4 +- + src/lib/krb5/os/trace.c | 2 +- + src/plugins/kdb/db2/adb_openclose.c | 2 +- + src/plugins/kdb/db2/kdb_db2.c | 4 +- + src/plugins/kdb/db2/libdb2/btree/bt_open.c | 3 +- + src/plugins/kdb/db2/libdb2/hash/hash.c | 3 +- + src/plugins/kdb/db2/libdb2/recno/rec_open.c | 4 +- + .../kdb/ldap/ldap_util/kdb5_ldap_services.c | 11 +- + src/util/profile/prof_file.c | 3 +- + src/util/support/Makefile.in | 3 +- + src/util/support/selinux.c | 406 ++++++++++++++++++ + 24 files changed, 573 insertions(+), 21 deletions(-) + create mode 100644 src/include/k5-label.h + create mode 100644 src/util/support/selinux.c + +diff --git a/src/aclocal.m4 b/src/aclocal.m4 +index ca9fcf664..5afb96e58 100644 +--- a/src/aclocal.m4 ++++ b/src/aclocal.m4 +@@ -85,6 +85,7 @@ AC_SUBST_FILE(libnodeps_frag) + dnl + KRB5_AC_PRAGMA_WEAK_REF + WITH_LDAP ++KRB5_WITH_SELINUX + KRB5_LIB_PARAMS + KRB5_AC_INITFINI + KRB5_AC_ENABLE_THREADS +@@ -1745,4 +1746,51 @@ AC_SUBST(PAM_LIBS) + AC_SUBST(PAM_MAN) + AC_SUBST(NON_PAM_MAN) + ])dnl ++dnl ++dnl Use libselinux to set file contexts on newly-created files. ++dnl ++AC_DEFUN(KRB5_WITH_SELINUX,[ ++AC_ARG_WITH(selinux,[AC_HELP_STRING(--with-selinux,[compile with SELinux labeling support])], ++ withselinux="$withval",withselinux=auto) ++old_LIBS="$LIBS" ++if test "$withselinux" != no ; then ++ AC_MSG_RESULT([checking for libselinux...]) ++ SELINUX_LIBS= ++ AC_CHECK_HEADERS(selinux/selinux.h selinux/label.h) ++ if test "x$ac_cv_header_selinux_selinux_h" != xyes ; then ++ if test "$withselinux" = auto ; then ++ AC_MSG_RESULT([Unable to locate selinux/selinux.h.]) ++ withselinux=no ++ else ++ AC_MSG_ERROR([Unable to locate selinux/selinux.h.]) ++ fi ++ fi + ++ LIBS= ++ unset ac_cv_func_setfscreatecon ++ AC_CHECK_FUNCS(setfscreatecon selabel_open) ++ if test "x$ac_cv_func_setfscreatecon" = xno ; then ++ AC_CHECK_LIB(selinux,setfscreatecon) ++ unset ac_cv_func_setfscreatecon ++ AC_CHECK_FUNCS(setfscreatecon selabel_open) ++ if test "x$ac_cv_func_setfscreatecon" = xyes ; then ++ SELINUX_LIBS="$LIBS" ++ else ++ if test "$withselinux" = auto ; then ++ AC_MSG_RESULT([Unable to locate libselinux.]) ++ withselinux=no ++ else ++ AC_MSG_ERROR([Unable to locate libselinux.]) ++ fi ++ fi ++ fi ++ if test "$withselinux" != no ; then ++ AC_MSG_NOTICE([building with SELinux labeling support]) ++ AC_DEFINE(USE_SELINUX,1,[Define if Kerberos-aware tools should set SELinux file contexts when creating files.]) ++ SELINUX_LIBS="$LIBS" ++ EXTRA_SUPPORT_SYMS="$EXTRA_SUPPORT_SYMS krb5int_labeled_open krb5int_labeled_fopen krb5int_push_fscreatecon_for krb5int_pop_fscreatecon" ++ fi ++fi ++LIBS="$old_LIBS" ++AC_SUBST(SELINUX_LIBS) ++])dnl +diff --git a/src/build-tools/krb5-config.in b/src/build-tools/krb5-config.in +index dead0dddc..fef3e054f 100755 +--- a/src/build-tools/krb5-config.in ++++ b/src/build-tools/krb5-config.in +@@ -41,6 +41,7 @@ DL_LIB='@DL_LIB@' + DEFCCNAME='@DEFCCNAME@' + DEFKTNAME='@DEFKTNAME@' + DEFCKTNAME='@DEFCKTNAME@' ++SELINUX_LIBS='@SELINUX_LIBS@' + + LIBS='@LIBS@' + GEN_LIB=@GEN_LIB@ +@@ -254,7 +255,7 @@ if test -n "$do_libs"; then + fi + + # If we ever support a flag to generate output suitable for static +- # linking, we would output "-lkrb5support $GEN_LIB $LIBS $DL_LIB" ++ # linking, we would output "-lkrb5support $GEN_LIB $LIBS $SELINUX_LIBS $DL_LIB" + # here. + + echo $lib_flags +diff --git a/src/config/pre.in b/src/config/pre.in +index 3752174c7..0d2068575 100644 +--- a/src/config/pre.in ++++ b/src/config/pre.in +@@ -177,6 +177,7 @@ LD = $(PURE) @LD@ + KRB_INCLUDES = -I$(BUILDTOP)/include -I$(top_srcdir)/include + LDFLAGS = @LDFLAGS@ + LIBS = @LIBS@ ++SELINUX_LIBS=@SELINUX_LIBS@ + + INSTALL=@INSTALL@ + INSTALL_STRIP= +@@ -403,7 +404,7 @@ SUPPORT_LIB = -l$(SUPPORT_LIBNAME) + # HESIOD_LIBS is -lhesiod... + HESIOD_LIBS = @HESIOD_LIBS@ + +-KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(DL_LIB) ++KRB5_BASE_LIBS = $(KRB5_LIB) $(K5CRYPTO_LIB) $(COM_ERR_LIB) $(SUPPORT_LIB) $(GEN_LIB) $(LIBS) $(SELINUX_LIBS) $(DL_LIB) + KDB5_LIBS = $(KDB5_LIB) $(GSSRPC_LIBS) + GSS_LIBS = $(GSS_KRB5_LIB) + # needs fixing if ever used on macOS! +diff --git a/src/configure.ac b/src/configure.ac +index 693f76a81..dd2cad3ee 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -1391,6 +1391,8 @@ AC_PATH_PROG(GROFF, groff) + + KRB5_WITH_PAM + ++KRB5_WITH_SELINUX ++ + # Make localedir work in autoconf 2.5x. + if test "${localedir+set}" != set; then + localedir='$(datadir)/locale' +diff --git a/src/include/k5-int.h b/src/include/k5-int.h +index cf524252f..efb523689 100644 +--- a/src/include/k5-int.h ++++ b/src/include/k5-int.h +@@ -128,6 +128,7 @@ typedef unsigned char u_char; + + + #include "k5-platform.h" ++#include "k5-label.h" + + #define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */ + #define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */ +diff --git a/src/include/k5-label.h b/src/include/k5-label.h +new file mode 100644 +index 000000000..dfaaa847c +--- /dev/null ++++ b/src/include/k5-label.h +@@ -0,0 +1,32 @@ ++#ifndef _KRB5_LABEL_H ++#define _KRB5_LABEL_H ++ ++#ifdef THREEPARAMOPEN ++#undef THREEPARAMOPEN ++#endif ++#ifdef WRITABLEFOPEN ++#undef WRITABLEFOPEN ++#endif ++ ++/* Wrapper functions which help us create files and directories with the right ++ * context labels. */ ++#ifdef USE_SELINUX ++#include ++#include ++#include ++#include ++#include ++FILE *krb5int_labeled_fopen(const char *path, const char *mode); ++int krb5int_labeled_creat(const char *path, mode_t mode); ++int krb5int_labeled_open(const char *path, int flags, ...); ++int krb5int_labeled_mkdir(const char *path, mode_t mode); ++int krb5int_labeled_mknod(const char *path, mode_t mode, dev_t device); ++#define THREEPARAMOPEN(x,y,z) krb5int_labeled_open(x,y,z) ++#define WRITABLEFOPEN(x,y) krb5int_labeled_fopen(x,y) ++void *krb5int_push_fscreatecon_for(const char *pathname); ++void krb5int_pop_fscreatecon(void *previous); ++#else ++#define WRITABLEFOPEN(x,y) fopen(x,y) ++#define THREEPARAMOPEN(x,y,z) open(x,y,z) ++#endif ++#endif +diff --git a/src/include/krb5/krb5.hin b/src/include/krb5/krb5.hin +index 045334a08..db80063eb 100644 +--- a/src/include/krb5/krb5.hin ++++ b/src/include/krb5/krb5.hin +@@ -87,6 +87,12 @@ + #define THREEPARAMOPEN(x,y,z) open(x,y,z) + #endif + ++#if KRB5_PRIVATE ++#ifndef WRITABLEFOPEN ++#define WRITABLEFOPEN(x,y) fopen(x,y) ++#endif ++#endif ++ + #define KRB5_OLD_CRYPTO + + #include +diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c +index 634ba4a8b..cea7939f4 100644 +--- a/src/kadmin/dbutil/dump.c ++++ b/src/kadmin/dbutil/dump.c +@@ -148,12 +148,21 @@ create_ofile(char *ofile, char **tmpname) + { + int fd = -1; + FILE *f; ++#ifdef USE_SELINUX ++ void *selabel; ++#endif + + *tmpname = NULL; + if (asprintf(tmpname, "%s-XXXXXX", ofile) < 0) + goto error; + ++#ifdef USE_SELINUX ++ selabel = krb5int_push_fscreatecon_for(ofile); ++#endif + fd = mkstemp(*tmpname); ++#ifdef USE_SELINUX ++ krb5int_pop_fscreatecon(selabel); ++#endif + if (fd == -1) + goto error; + +@@ -197,7 +206,7 @@ prep_ok_file(krb5_context context, char *file_name, int *fd_out) + goto cleanup; + } + +- fd = open(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600); ++ fd = THREEPARAMOPEN(file_ok, O_WRONLY | O_CREAT | O_TRUNC, 0600); + if (fd == -1) { + com_err(progname, errno, _("while creating 'ok' file, '%s'"), file_ok); + goto cleanup; +diff --git a/src/kdc/main.c b/src/kdc/main.c +index 3be6dcb07..24d441e16 100644 +--- a/src/kdc/main.c ++++ b/src/kdc/main.c +@@ -872,7 +872,7 @@ write_pid_file(const char *path) + FILE *file; + unsigned long pid; + +- file = fopen(path, "w"); ++ file = WRITABLEFOPEN(path, "w"); + if (file == NULL) + return errno; + pid = (unsigned long) getpid(); +diff --git a/src/kprop/kpropd.c b/src/kprop/kpropd.c +index 498ca599a..c6b8efc28 100644 +--- a/src/kprop/kpropd.c ++++ b/src/kprop/kpropd.c +@@ -487,6 +487,9 @@ doit(int fd) + krb5_enctype etype; + int database_fd; + char host[INET6_ADDRSTRLEN + 1]; ++#ifdef USE_SELINUX ++ void *selabel; ++#endif + + signal_wrapper(SIGALRM, alarm_handler); + alarm(params.iprop_resync_timeout); +@@ -542,9 +545,15 @@ doit(int fd) + free(name); + exit(1); + } ++#ifdef USE_SELINUX ++ selabel = krb5int_push_fscreatecon_for(file); ++#endif + omask = umask(077); + lock_fd = open(temp_file_name, O_RDWR | O_CREAT, 0600); + (void)umask(omask); ++#ifdef USE_SELINUX ++ krb5int_pop_fscreatecon(selabel); ++#endif + retval = krb5_lock_file(kpropd_context, lock_fd, + KRB5_LOCKMODE_EXCLUSIVE | KRB5_LOCKMODE_DONTBLOCK); + if (retval) { +diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c +index c6885edf2..9aec3c05e 100644 +--- a/src/lib/kadm5/logger.c ++++ b/src/lib/kadm5/logger.c +@@ -309,7 +309,7 @@ krb5_klog_init(krb5_context kcontext, char *ename, char *whoami, krb5_boolean do + */ + append = (cp[4] == ':') ? O_APPEND : 0; + if (append || cp[4] == '=') { +- fd = open(&cp[5], O_CREAT | O_WRONLY | append, ++ fd = THREEPARAMOPEN(&cp[5], O_CREAT | O_WRONLY | append, + S_IRUSR | S_IWUSR | S_IRGRP); + if (fd != -1) + f = fdopen(fd, append ? "a" : "w"); +@@ -776,7 +776,7 @@ krb5_klog_reopen(krb5_context kcontext) + * In case the old logfile did not get moved out of the + * way, open for append to prevent squashing the old logs. + */ +- f = fopen(log_control.log_entries[lindex].lfu_fname, "a+"); ++ f = WRITABLEFOPEN(log_control.log_entries[lindex].lfu_fname, "a+"); + if (f) { + set_cloexec_file(f); + log_control.log_entries[lindex].lfu_filep = f; +diff --git a/src/lib/kdb/kdb_log.c b/src/lib/kdb/kdb_log.c +index 2659a2501..e9b95fce5 100644 +--- a/src/lib/kdb/kdb_log.c ++++ b/src/lib/kdb/kdb_log.c +@@ -480,7 +480,7 @@ ulog_map(krb5_context context, const char *logname, uint32_t ulogentries) + return ENOMEM; + + if (stat(logname, &st) == -1) { +- log_ctx->ulogfd = open(logname, O_RDWR | O_CREAT, 0600); ++ log_ctx->ulogfd = THREEPARAMOPEN(logname, O_RDWR | O_CREAT, 0600); + if (log_ctx->ulogfd == -1) { + retval = errno; + goto cleanup; +diff --git a/src/lib/krb5/ccache/cc_dir.c b/src/lib/krb5/ccache/cc_dir.c +index 7b100a0ec..5683a0433 100644 +--- a/src/lib/krb5/ccache/cc_dir.c ++++ b/src/lib/krb5/ccache/cc_dir.c +@@ -183,10 +183,19 @@ write_primary_file(const char *primary_path, const char *contents) + char *newpath = NULL; + FILE *fp = NULL; + int fd = -1, status; ++#ifdef USE_SELINUX ++ void *selabel; ++#endif + + if (asprintf(&newpath, "%s.XXXXXX", primary_path) < 0) + return ENOMEM; ++#ifdef USE_SELINUX ++ selabel = krb5int_push_fscreatecon_for(primary_path); ++#endif + fd = mkstemp(newpath); ++#ifdef USE_SELINUX ++ krb5int_pop_fscreatecon(selabel); ++#endif + if (fd < 0) + goto cleanup; + #ifdef HAVE_CHMOD +@@ -221,10 +230,23 @@ static krb5_error_code + verify_dir(krb5_context context, const char *dirname) + { + struct stat st; ++ int status; ++#ifdef USE_SELINUX ++ void *selabel; ++#endif + + if (stat(dirname, &st) < 0) { +- if (errno == ENOENT && mkdir(dirname, S_IRWXU) == 0) +- return 0; ++ if (errno == ENOENT) { ++#ifdef USE_SELINUX ++ selabel = krb5int_push_fscreatecon_for(dirname); ++#endif ++ status = mkdir(dirname, S_IRWXU); ++#ifdef USE_SELINUX ++ krb5int_pop_fscreatecon(selabel); ++#endif ++ if (status == 0) ++ return 0; ++ } + k5_setmsg(context, KRB5_FCC_NOFILE, + _("Credential cache directory %s does not exist"), + dirname); +diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c +index e510211fc..f3ea28c8e 100644 +--- a/src/lib/krb5/keytab/kt_file.c ++++ b/src/lib/krb5/keytab/kt_file.c +@@ -735,14 +735,14 @@ krb5_ktfileint_open(krb5_context context, krb5_keytab id, int mode) + + KTCHECKLOCK(id); + errno = 0; +- KTFILEP(id) = fopen(KTFILENAME(id), ++ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id), + (mode == KRB5_LOCKMODE_EXCLUSIVE) ? "rb+" : "rb"); + if (!KTFILEP(id)) { + if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) { + /* try making it first time around */ + k5_create_secure_file(context, KTFILENAME(id)); + errno = 0; +- KTFILEP(id) = fopen(KTFILENAME(id), "rb+"); ++ KTFILEP(id) = WRITABLEFOPEN(KTFILENAME(id), "rb+"); + if (!KTFILEP(id)) + goto report_errno; + writevno = 1; +diff --git a/src/lib/krb5/os/trace.c b/src/lib/krb5/os/trace.c +index 7073459f0..e9b99f4ca 100644 +--- a/src/lib/krb5/os/trace.c ++++ b/src/lib/krb5/os/trace.c +@@ -458,7 +458,7 @@ krb5_set_trace_filename(krb5_context context, const char *filename) + fd = malloc(sizeof(*fd)); + if (fd == NULL) + return ENOMEM; +- *fd = open(filename, O_WRONLY|O_CREAT|O_APPEND, 0600); ++ *fd = THREEPARAMOPEN(filename, O_WRONLY|O_CREAT|O_APPEND, 0600); + if (*fd == -1) { + free(fd); + return errno; +diff --git a/src/plugins/kdb/db2/adb_openclose.c b/src/plugins/kdb/db2/adb_openclose.c +index 7db30a33b..2b9d01921 100644 +--- a/src/plugins/kdb/db2/adb_openclose.c ++++ b/src/plugins/kdb/db2/adb_openclose.c +@@ -152,7 +152,7 @@ osa_adb_init_db(osa_adb_db_t *dbp, char *filename, char *lockfilename, + * needs be open read/write so that write locking can work with + * POSIX systems + */ +- if ((lockp->lockinfo.lockfile = fopen(lockfilename, "r+")) == NULL) { ++ if ((lockp->lockinfo.lockfile = WRITABLEFOPEN(lockfilename, "r+")) == NULL) { + /* + * maybe someone took away write permission so we could only + * get shared locks? +diff --git a/src/plugins/kdb/db2/kdb_db2.c b/src/plugins/kdb/db2/kdb_db2.c +index 1a476b586..b40bb2240 100644 +--- a/src/plugins/kdb/db2/kdb_db2.c ++++ b/src/plugins/kdb/db2/kdb_db2.c +@@ -694,8 +694,8 @@ ctx_create_db(krb5_context context, krb5_db2_context *dbc) + if (retval) + return retval; + +- dbc->db_lf_file = open(dbc->db_lf_name, O_CREAT | O_RDWR | O_TRUNC, +- 0600); ++ dbc->db_lf_file = THREEPARAMOPEN(dbc->db_lf_name, ++ O_CREAT | O_RDWR | O_TRUNC, 0600); + if (dbc->db_lf_file < 0) { + retval = errno; + goto cleanup; +diff --git a/src/plugins/kdb/db2/libdb2/btree/bt_open.c b/src/plugins/kdb/db2/libdb2/btree/bt_open.c +index 2977b17f3..d5809a5a9 100644 +--- a/src/plugins/kdb/db2/libdb2/btree/bt_open.c ++++ b/src/plugins/kdb/db2/libdb2/btree/bt_open.c +@@ -60,6 +60,7 @@ static char sccsid[] = "@(#)bt_open.c 8.11 (Berkeley) 11/2/95"; + #include + #include + ++#include "k5-int.h" + #include "db-int.h" + #include "btree.h" + +@@ -203,7 +204,7 @@ __bt_open(fname, flags, mode, openinfo, dflags) + goto einval; + } + +- if ((t->bt_fd = open(fname, flags | O_BINARY, mode)) < 0) ++ if ((t->bt_fd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0) + goto err; + + } else { +diff --git a/src/plugins/kdb/db2/libdb2/hash/hash.c b/src/plugins/kdb/db2/libdb2/hash/hash.c +index 862dbb164..686a960c9 100644 +--- a/src/plugins/kdb/db2/libdb2/hash/hash.c ++++ b/src/plugins/kdb/db2/libdb2/hash/hash.c +@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)hash.c 8.12 (Berkeley) 11/7/95"; + #include + #endif + ++#include "k5-int.h" + #include "db-int.h" + #include "hash.h" + #include "page.h" +@@ -129,7 +130,7 @@ __kdb2_hash_open(file, flags, mode, info, dflags) + new_table = 1; + } + if (file) { +- if ((hashp->fp = open(file, flags|O_BINARY, mode)) == -1) ++ if ((hashp->fp = THREEPARAMOPEN(file, flags|O_BINARY, mode)) == -1) + RETURN_ERROR(errno, error0); + (void)fcntl(hashp->fp, F_SETFD, 1); + } +diff --git a/src/plugins/kdb/db2/libdb2/recno/rec_open.c b/src/plugins/kdb/db2/libdb2/recno/rec_open.c +index d8b26e701..b0daa7c02 100644 +--- a/src/plugins/kdb/db2/libdb2/recno/rec_open.c ++++ b/src/plugins/kdb/db2/libdb2/recno/rec_open.c +@@ -51,6 +51,7 @@ static char sccsid[] = "@(#)rec_open.c 8.12 (Berkeley) 11/18/94"; + #include + #include + ++#include "k5-int.h" + #include "db-int.h" + #include "recno.h" + +@@ -68,7 +69,8 @@ __rec_open(fname, flags, mode, openinfo, dflags) + int rfd = -1, sverrno; + + /* Open the user's file -- if this fails, we're done. */ +- if (fname != NULL && (rfd = open(fname, flags | O_BINARY, mode)) < 0) ++ if (fname != NULL && ++ (rfd = THREEPARAMOPEN(fname, flags | O_BINARY, mode)) < 0) + return (NULL); + + if (fname != NULL && fcntl(rfd, F_SETFD, 1) == -1) { +diff --git a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c +index e87688d66..30f7c00ab 100644 +--- a/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c ++++ b/src/plugins/kdb/ldap/ldap_util/kdb5_ldap_services.c +@@ -190,7 +190,7 @@ kdb5_ldap_stash_service_password(int argc, char **argv) + + /* set password in the file */ + old_mode = umask(0177); +- pfile = fopen(file_name, "a+"); ++ pfile = WRITABLEFOPEN(file_name, "a+"); + if (pfile == NULL) { + com_err(me, errno, _("Failed to open file %s: %s"), file_name, + strerror (errno)); +@@ -231,6 +231,9 @@ kdb5_ldap_stash_service_password(int argc, char **argv) + * Delete the existing entry and add the new entry + */ + FILE *newfile; ++#ifdef USE_SELINUX ++ void *selabel; ++#endif + + mode_t omask; + +@@ -242,7 +245,13 @@ kdb5_ldap_stash_service_password(int argc, char **argv) + } + + omask = umask(077); ++#ifdef USE_SELINUX ++ selabel = krb5int_push_fscreatecon_for(file_name); ++#endif + newfile = fopen(tmp_file, "w"); ++#ifdef USE_SELINUX ++ krb5int_pop_fscreatecon(selabel); ++#endif + umask (omask); + if (newfile == NULL) { + com_err(me, errno, _("Error creating file %s"), tmp_file); +diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c +index aa951df05..79f9500f6 100644 +--- a/src/util/profile/prof_file.c ++++ b/src/util/profile/prof_file.c +@@ -33,6 +33,7 @@ + #endif + + #include "k5-platform.h" ++#include "k5-label.h" + + struct global_shared_profile_data { + /* This is the head of the global list of shared trees */ +@@ -391,7 +392,7 @@ static errcode_t write_data_to_file(prf_data_t data, const char *outfile, + + errno = 0; + +- f = fopen(new_file, "w"); ++ f = WRITABLEFOPEN(new_file, "w"); + if (!f) { + retval = errno; + if (retval == 0) +diff --git a/src/util/support/Makefile.in b/src/util/support/Makefile.in +index 86d5a950a..1052d53a1 100644 +--- a/src/util/support/Makefile.in ++++ b/src/util/support/Makefile.in +@@ -74,6 +74,7 @@ IPC_SYMS= \ + + STLIBOBJS= \ + threads.o \ ++ selinux.o \ + init-addrinfo.o \ + plugins.o \ + errors.o \ +@@ -168,7 +169,7 @@ SRCS=\ + + SHLIB_EXPDEPS = + # Add -lm if dumping thread stats, for sqrt. +-SHLIB_EXPLIBS= $(LIBS) $(DL_LIB) ++SHLIB_EXPLIBS= $(LIBS) $(SELINUX_LIBS) $(DL_LIB) + + DEPLIBS= + +diff --git a/src/util/support/selinux.c b/src/util/support/selinux.c +new file mode 100644 +index 000000000..6d41f3244 +--- /dev/null ++++ b/src/util/support/selinux.c +@@ -0,0 +1,406 @@ ++/* ++ * Copyright 2007,2008,2009,2011,2012,2013,2016 Red Hat, Inc. All Rights Reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions are met: ++ * ++ * Redistributions of source code must retain the above copyright notice, this ++ * list of conditions and the following disclaimer. ++ * ++ * Redistributions in binary form must reproduce the above copyright notice, ++ * this list of conditions and the following disclaimer in the documentation ++ * and/or other materials provided with the distribution. ++ * ++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be ++ * used to endorse or promote products derived from this software without ++ * specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" ++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE ++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++ * POSSIBILITY OF SUCH DAMAGE. ++ * ++ * File-opening wrappers for creating correctly-labeled files. So far, we can ++ * assume that this is Linux-specific, so we make many simplifying assumptions. ++ */ ++ ++#include "../../include/autoconf.h" ++ ++#ifdef USE_SELINUX ++ ++#include ++#include ++ ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++/* #define DEBUG 1 */ ++static void ++debug_log(const char *fmt, ...) ++{ ++#ifdef DEBUG ++ va_list ap; ++ va_start(ap, fmt); ++ if (isatty(fileno(stderr))) { ++ vfprintf(stderr, fmt, ap); ++ } ++ va_end(ap); ++#endif ++ ++ return; ++} ++ ++/* Mutex used to serialize use of the process-global file creation context. */ ++k5_mutex_t labeled_mutex = K5_MUTEX_PARTIAL_INITIALIZER; ++ ++/* Make sure we finish initializing that mutex before attempting to use it. */ ++k5_once_t labeled_once = K5_ONCE_INIT; ++static void ++label_mutex_init(void) ++{ ++ k5_mutex_finish_init(&labeled_mutex); ++} ++ ++static struct selabel_handle *selabel_ctx; ++static time_t selabel_last_changed; ++ ++MAKE_FINI_FUNCTION(cleanup_fscreatecon); ++ ++static void ++cleanup_fscreatecon(void) ++{ ++ if (selabel_ctx != NULL) { ++ selabel_close(selabel_ctx); ++ selabel_ctx = NULL; ++ } ++} ++ ++static security_context_t ++push_fscreatecon(const char *pathname, mode_t mode) ++{ ++ security_context_t previous, configuredsc, currentsc, derivedsc; ++ context_t current, derived; ++ const char *fullpath, *currentuser; ++ char *genpath; ++ ++ previous = configuredsc = currentsc = derivedsc = NULL; ++ current = derived = NULL; ++ genpath = NULL; ++ ++ fullpath = pathname; ++ ++ if (!is_selinux_enabled()) { ++ goto fail; ++ } ++ ++ if (getfscreatecon(&previous) != 0) { ++ goto fail; ++ } ++ ++ /* Canonicalize pathname */ ++ if (pathname[0] != '/') { ++ char *wd; ++ size_t len; ++ len = 0; ++ ++ wd = getcwd(NULL, len); ++ if (wd == NULL) { ++ goto fail; ++ } ++ ++ len = strlen(wd) + 1 + strlen(pathname) + 1; ++ genpath = malloc(len); ++ if (genpath == NULL) { ++ free(wd); ++ goto fail; ++ } ++ ++ sprintf(genpath, "%s/%s", wd, pathname); ++ free(wd); ++ fullpath = genpath; ++ } ++ ++ debug_log("Looking up context for \"%s\"(%05o).\n", fullpath, mode); ++ ++ /* Check whether context file has changed under us */ ++ if (selabel_ctx != NULL || selabel_last_changed == 0) { ++ const char *cpath; ++ struct stat st; ++ int i = -1; ++ ++ cpath = selinux_file_context_path(); ++ if (cpath == NULL || (i = stat(cpath, &st)) != 0 || ++ st.st_mtime != selabel_last_changed) { ++ cleanup_fscreatecon(); ++ ++ selabel_last_changed = i ? time(NULL) : st.st_mtime; ++ } ++ } ++ ++ if (selabel_ctx == NULL) { ++ selabel_ctx = selabel_open(SELABEL_CTX_FILE, NULL, 0); ++ } ++ ++ if (selabel_ctx != NULL && ++ selabel_lookup(selabel_ctx, &configuredsc, fullpath, mode) != 0) { ++ goto fail; ++ } ++ ++ if (genpath != NULL) { ++ free(genpath); ++ genpath = NULL; ++ } ++ ++ if (configuredsc == NULL) { ++ goto fail; ++ } ++ ++ getcon(¤tsc); ++ ++ /* AAAAAAAA */ ++ if (currentsc != NULL) { ++ derived = context_new(configuredsc); ++ ++ if (derived != NULL) { ++ current = context_new(currentsc); ++ ++ if (current != NULL) { ++ currentuser = context_user_get(current); ++ ++ if (currentuser != NULL) { ++ if (context_user_set(derived, ++ currentuser) == 0) { ++ derivedsc = context_str(derived); ++ ++ if (derivedsc != NULL) { ++ freecon(configuredsc); ++ configuredsc = strdup(derivedsc); ++ } ++ } ++ } ++ ++ context_free(current); ++ } ++ ++ context_free(derived); ++ } ++ ++ freecon(currentsc); ++ } ++ ++ debug_log("Setting file creation context to \"%s\".\n", configuredsc); ++ if (setfscreatecon(configuredsc) != 0) { ++ debug_log("Unable to determine current context.\n"); ++ goto fail; ++ } ++ ++ freecon(configuredsc); ++ return previous; ++ ++fail: ++ if (previous != NULL) { ++ freecon(previous); ++ } ++ if (genpath != NULL) { ++ free(genpath); ++ } ++ if (configuredsc != NULL) { ++ freecon(configuredsc); ++ } ++ ++ cleanup_fscreatecon(); ++ return NULL; ++} ++ ++static void ++pop_fscreatecon(security_context_t previous) ++{ ++ if (!is_selinux_enabled()) { ++ return; ++ } ++ ++ if (previous != NULL) { ++ debug_log("Resetting file creation context to \"%s\".\n", previous); ++ } else { ++ debug_log("Resetting file creation context to default.\n"); ++ } ++ ++ /* NULL resets to default */ ++ setfscreatecon(previous); ++ ++ if (previous != NULL) { ++ freecon(previous); ++ } ++ ++ /* Need to clean this up here otherwise it leaks */ ++ cleanup_fscreatecon(); ++} ++ ++void * ++krb5int_push_fscreatecon_for(const char *pathname) ++{ ++ struct stat st; ++ void *retval; ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ++ if (stat(pathname, &st) != 0) { ++ st.st_mode = S_IRUSR | S_IWUSR; ++ } ++ ++ retval = push_fscreatecon(pathname, st.st_mode); ++ return retval ? retval : (void *) -1; ++} ++ ++void ++krb5int_pop_fscreatecon(void *con) ++{ ++ if (con != NULL) { ++ pop_fscreatecon((con == (void *) -1) ? NULL : con); ++ k5_mutex_unlock(&labeled_mutex); ++ } ++} ++ ++FILE * ++krb5int_labeled_fopen(const char *path, const char *mode) ++{ ++ FILE *fp; ++ int errno_save; ++ security_context_t ctx; ++ ++ if ((strcmp(mode, "r") == 0) || ++ (strcmp(mode, "rb") == 0)) { ++ return fopen(path, mode); ++ } ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ctx = push_fscreatecon(path, 0); ++ ++ fp = fopen(path, mode); ++ errno_save = errno; ++ ++ pop_fscreatecon(ctx); ++ k5_mutex_unlock(&labeled_mutex); ++ ++ errno = errno_save; ++ return fp; ++} ++ ++int ++krb5int_labeled_creat(const char *path, mode_t mode) ++{ ++ int fd; ++ int errno_save; ++ security_context_t ctx; ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ctx = push_fscreatecon(path, 0); ++ ++ fd = creat(path, mode); ++ errno_save = errno; ++ ++ pop_fscreatecon(ctx); ++ k5_mutex_unlock(&labeled_mutex); ++ ++ errno = errno_save; ++ return fd; ++} ++ ++int ++krb5int_labeled_mknod(const char *path, mode_t mode, dev_t dev) ++{ ++ int ret; ++ int errno_save; ++ security_context_t ctx; ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ctx = push_fscreatecon(path, mode); ++ ++ ret = mknod(path, mode, dev); ++ errno_save = errno; ++ ++ pop_fscreatecon(ctx); ++ k5_mutex_unlock(&labeled_mutex); ++ ++ errno = errno_save; ++ return ret; ++} ++ ++int ++krb5int_labeled_mkdir(const char *path, mode_t mode) ++{ ++ int ret; ++ int errno_save; ++ security_context_t ctx; ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ctx = push_fscreatecon(path, S_IFDIR); ++ ++ ret = mkdir(path, mode); ++ errno_save = errno; ++ ++ pop_fscreatecon(ctx); ++ k5_mutex_unlock(&labeled_mutex); ++ ++ errno = errno_save; ++ return ret; ++} ++ ++int ++krb5int_labeled_open(const char *path, int flags, ...) ++{ ++ int fd; ++ int errno_save; ++ security_context_t ctx; ++ mode_t mode; ++ va_list ap; ++ ++ if ((flags & O_CREAT) == 0) { ++ return open(path, flags); ++ } ++ ++ k5_once(&labeled_once, label_mutex_init); ++ k5_mutex_lock(&labeled_mutex); ++ ctx = push_fscreatecon(path, 0); ++ ++ va_start(ap, flags); ++ mode = va_arg(ap, mode_t); ++ fd = open(path, flags, mode); ++ va_end(ap); ++ ++ errno_save = errno; ++ ++ pop_fscreatecon(ctx); ++ k5_mutex_unlock(&labeled_mutex); ++ ++ errno = errno_save; ++ return fd; ++} ++ ++#endif /* USE_SELINUX */ diff --git a/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch b/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch new file mode 100644 index 0000000..172a093 --- /dev/null +++ b/SOURCES/downstream-fix-debuginfo-with-y.tab.c.patch @@ -0,0 +1,41 @@ +From d5ea86ef491feb38f12e6aa53b7579ac02675df6 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 23 Aug 2016 16:49:25 -0400 +Subject: [PATCH] [downstream] fix debuginfo with y.tab.c + +We want to keep these y.tab.c files around because the debuginfo points to +them. It would be more elegant at the end to use symbolic links, but that +could mess up people working in the tree on other things. + +Last-updated: krb5-1.9 +--- + src/kadmin/cli/Makefile.in | 5 +++++ + src/plugins/kdb/ldap/ldap_util/Makefile.in | 2 +- + 2 files changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/kadmin/cli/Makefile.in b/src/kadmin/cli/Makefile.in +index adfea6e2b..d1327e400 100644 +--- a/src/kadmin/cli/Makefile.in ++++ b/src/kadmin/cli/Makefile.in +@@ -37,3 +37,8 @@ clean-unix:: + # CC_LINK is not meant for compilation and this use may break in the future. + datetest: getdate.c + $(CC_LINK) $(ALL_CFLAGS) -DTEST -o datetest getdate.c ++ ++%.c: %.y ++ $(RM) y.tab.c $@ ++ $(YACC.y) $< ++ $(CP) y.tab.c $@ +diff --git a/src/plugins/kdb/ldap/ldap_util/Makefile.in b/src/plugins/kdb/ldap/ldap_util/Makefile.in +index 8669c2436..a22f23c02 100644 +--- a/src/plugins/kdb/ldap/ldap_util/Makefile.in ++++ b/src/plugins/kdb/ldap/ldap_util/Makefile.in +@@ -20,7 +20,7 @@ $(PROG): $(OBJS) $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIB) $(GETDATE) + getdate.c: $(GETDATE) + $(RM) getdate.c y.tab.c + $(YACC) $(GETDATE) +- $(MV) y.tab.c getdate.c ++ $(CP) y.tab.c getdate.c + + install: + $(INSTALL_PROGRAM) $(PROG) ${DESTDIR}$(ADMIN_BINDIR)/$(PROG) diff --git a/SOURCES/downstream-ksu-pam-integration.patch b/SOURCES/downstream-ksu-pam-integration.patch new file mode 100644 index 0000000..7490bf2 --- /dev/null +++ b/SOURCES/downstream-ksu-pam-integration.patch @@ -0,0 +1,774 @@ +From 90ba715be48c2e1b6c7ca53cb1d75f3af2c388d6 Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 23 Aug 2016 16:29:58 -0400 +Subject: [PATCH] [downstream] ksu pam integration + +Modify ksu so that it performs account and session management on behalf of +the target user account, mimicking the action of regular su. The default +service name is "ksu", because on Fedora at least the configuration used +is determined by whether or not a login shell is being opened, and so +this may need to vary, too. At run-time, ksu's behavior can be reset to +the earlier, non-PAM behavior by setting "use_pam" to false in the [ksu] +section of /etc/krb5.conf. + +When enabled, ksu gains a dependency on libpam. + +Originally RT#5939, though it's changed since then to perform the account +and session management before dropping privileges, and to apply on top of +changes we're proposing for how it handles cache collections. + +Last-updated: krb5-1.18-beta1 +--- + src/aclocal.m4 | 69 +++++++ + src/clients/ksu/Makefile.in | 8 +- + src/clients/ksu/main.c | 88 +++++++- + src/clients/ksu/pam.c | 389 ++++++++++++++++++++++++++++++++++++ + src/clients/ksu/pam.h | 57 ++++++ + src/configure.ac | 2 + + 6 files changed, 610 insertions(+), 3 deletions(-) + create mode 100644 src/clients/ksu/pam.c + create mode 100644 src/clients/ksu/pam.h + +diff --git a/src/aclocal.m4 b/src/aclocal.m4 +index 024d6370c..ca9fcf664 100644 +--- a/src/aclocal.m4 ++++ b/src/aclocal.m4 +@@ -1677,3 +1677,72 @@ if test "$with_ldap" = yes; then + OPENLDAP_PLUGIN=yes + fi + ])dnl ++dnl ++dnl ++dnl Use PAM instead of local crypt() compare for checking local passwords, ++dnl and perform PAM account, session management, and password-changing where ++dnl appropriate. ++dnl ++AC_DEFUN(KRB5_WITH_PAM,[ ++AC_ARG_WITH(pam,[AC_HELP_STRING(--with-pam,[compile with PAM support])], ++ withpam="$withval",withpam=auto) ++AC_ARG_WITH(pam-ksu-service,[AC_HELP_STRING(--with-ksu-service,[PAM service name for ksu ["ksu"]])], ++ withksupamservice="$withval",withksupamservice=ksu) ++old_LIBS="$LIBS" ++if test "$withpam" != no ; then ++ AC_MSG_RESULT([checking for PAM...]) ++ PAM_LIBS= ++ ++ AC_CHECK_HEADERS(security/pam_appl.h) ++ if test "x$ac_cv_header_security_pam_appl_h" != xyes ; then ++ if test "$withpam" = auto ; then ++ AC_MSG_RESULT([Unable to locate security/pam_appl.h.]) ++ withpam=no ++ else ++ AC_MSG_ERROR([Unable to locate security/pam_appl.h.]) ++ fi ++ fi ++ ++ LIBS= ++ unset ac_cv_func_pam_start ++ AC_CHECK_FUNCS(putenv pam_start) ++ if test "x$ac_cv_func_pam_start" = xno ; then ++ unset ac_cv_func_pam_start ++ AC_CHECK_LIB(dl,dlopen) ++ AC_CHECK_FUNCS(pam_start) ++ if test "x$ac_cv_func_pam_start" = xno ; then ++ AC_CHECK_LIB(pam,pam_start) ++ unset ac_cv_func_pam_start ++ unset ac_cv_func_pam_getenvlist ++ AC_CHECK_FUNCS(pam_start pam_getenvlist) ++ if test "x$ac_cv_func_pam_start" = xyes ; then ++ PAM_LIBS="$LIBS" ++ else ++ if test "$withpam" = auto ; then ++ AC_MSG_RESULT([Unable to locate libpam.]) ++ withpam=no ++ else ++ AC_MSG_ERROR([Unable to locate libpam.]) ++ fi ++ fi ++ fi ++ fi ++ if test "$withpam" != no ; then ++ AC_MSG_NOTICE([building with PAM support]) ++ AC_DEFINE(USE_PAM,1,[Define if Kerberos-aware tools should support PAM]) ++ AC_DEFINE_UNQUOTED(KSU_PAM_SERVICE,"$withksupamservice", ++ [Define to the name of the PAM service name to be used by ksu.]) ++ PAM_LIBS="$LIBS" ++ NON_PAM_MAN=".\\\" " ++ PAM_MAN= ++ else ++ PAM_MAN=".\\\" " ++ NON_PAM_MAN= ++ fi ++fi ++LIBS="$old_LIBS" ++AC_SUBST(PAM_LIBS) ++AC_SUBST(PAM_MAN) ++AC_SUBST(NON_PAM_MAN) ++])dnl ++ +diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in +index 8b4edce4d..9d58f29b5 100644 +--- a/src/clients/ksu/Makefile.in ++++ b/src/clients/ksu/Makefile.in +@@ -3,12 +3,14 @@ BUILDTOP=$(REL)..$(S).. + DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/usr/local/sbin /usr/local/bin /sbin /bin /usr/sbin /usr/bin"' + + KSU_LIBS=@KSU_LIBS@ ++PAM_LIBS=@PAM_LIBS@ + + SRCS = \ + $(srcdir)/krb_auth_su.c \ + $(srcdir)/ccache.c \ + $(srcdir)/authorization.c \ + $(srcdir)/main.c \ ++ $(srcdir)/pam.c \ + $(srcdir)/heuristic.c \ + $(srcdir)/xmalloc.c \ + $(srcdir)/setenv.c +@@ -17,13 +19,17 @@ OBJS = \ + ccache.o \ + authorization.o \ + main.o \ ++ pam.o \ + heuristic.o \ + xmalloc.o @SETENVOBJ@ + + all: ksu + + ksu: $(OBJS) $(KRB5_BASE_DEPLIBS) +- $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS) ++ $(CC_LINK) -o $@ $(OBJS) $(KRB5_BASE_LIBS) $(KSU_LIBS) $(PAM_LIBS) ++ ++pam.o: pam.c ++ $(CC) $(ALL_CFLAGS) -c $< + + clean: + $(RM) ksu +diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c +index af1286172..931f05404 100644 +--- a/src/clients/ksu/main.c ++++ b/src/clients/ksu/main.c +@@ -26,6 +26,7 @@ + * KSU was written by: Ari Medvinsky, ari@isi.edu + */ + ++#include "autoconf.h" + #include "ksu.h" + #include "adm_proto.h" + #include +@@ -33,6 +34,10 @@ + #include + #include + ++#ifdef USE_PAM ++#include "pam.h" ++#endif ++ + /* globals */ + char * prog_name; + int auth_debug =0; +@@ -40,6 +45,7 @@ char k5login_path[MAXPATHLEN]; + char k5users_path[MAXPATHLEN]; + char * gb_err = NULL; + int quiet = 0; ++int force_fork = 0; + /***********/ + + #define KS_TEMPORARY_CACHE "MEMORY:_ksu" +@@ -536,6 +542,23 @@ main (argc, argv) + prog_name,target_user,client_name, + source_user,ontty()); + ++#ifdef USE_PAM ++ if (appl_pam_enabled(ksu_context, "ksu")) { ++ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL, ++ NULL, source_user, ++ ttyname(STDERR_FILENO)) != 0) { ++ fprintf(stderr, "Access denied for %s.\n", target_user); ++ exit(1); ++ } ++ if (appl_pam_requires_chauthtok()) { ++ fprintf(stderr, "Password change required for %s.\n", ++ target_user); ++ exit(1); ++ } ++ force_fork++; ++ } ++#endif ++ + /* Run authorization as target.*/ + if (krb5_seteuid(target_uid)) { + com_err(prog_name, errno, _("while switching to target for " +@@ -596,6 +619,24 @@ main (argc, argv) + + exit(1); + } ++#ifdef USE_PAM ++ } else { ++ /* we always do PAM account management, even for root */ ++ if (appl_pam_enabled(ksu_context, "ksu")) { ++ if (appl_pam_acct_mgmt(KSU_PAM_SERVICE, 1, target_user, NULL, ++ NULL, source_user, ++ ttyname(STDERR_FILENO)) != 0) { ++ fprintf(stderr, "Access denied for %s.\n", target_user); ++ exit(1); ++ } ++ if (appl_pam_requires_chauthtok()) { ++ fprintf(stderr, "Password change required for %s.\n", ++ target_user); ++ exit(1); ++ } ++ force_fork++; ++ } ++#endif + } + + if( some_rest_copy){ +@@ -653,6 +694,30 @@ main (argc, argv) + exit(1); + } + ++#ifdef USE_PAM ++ if (appl_pam_enabled(ksu_context, "ksu")) { ++ if (appl_pam_session_open() != 0) { ++ fprintf(stderr, "Error opening session for %s.\n", target_user); ++ exit(1); ++ } ++#ifdef DEBUG ++ if (auth_debug){ ++ printf(" Opened PAM session.\n"); ++ } ++#endif ++ if (appl_pam_cred_init()) { ++ fprintf(stderr, "Error initializing credentials for %s.\n", ++ target_user); ++ exit(1); ++ } ++#ifdef DEBUG ++ if (auth_debug){ ++ printf(" Initialized PAM credentials.\n"); ++ } ++#endif ++ } ++#endif ++ + /* set permissions */ + if (setgid(target_pwd->pw_gid) < 0) { + perror("ksu: setgid"); +@@ -750,7 +815,7 @@ main (argc, argv) + fprintf(stderr, "program to be execed %s\n",params[0]); + } + +- if( keep_target_cache ) { ++ if( keep_target_cache && !force_fork ) { + execv(params[0], params); + com_err(prog_name, errno, _("while trying to execv %s"), params[0]); + sweep_up(ksu_context, cc_target); +@@ -780,16 +845,35 @@ main (argc, argv) + if (ret_pid == -1) { + com_err(prog_name, errno, _("while calling waitpid")); + } +- sweep_up(ksu_context, cc_target); ++ if( !keep_target_cache ) { ++ sweep_up(ksu_context, cc_target); ++ } + exit (statusp); + case -1: + com_err(prog_name, errno, _("while trying to fork.")); + sweep_up(ksu_context, cc_target); + exit (1); + case 0: ++#ifdef USE_PAM ++ if (appl_pam_enabled(ksu_context, "ksu")) { ++ if (appl_pam_setenv() != 0) { ++ fprintf(stderr, "Error setting up environment for %s.\n", ++ target_user); ++ exit (1); ++ } ++#ifdef DEBUG ++ if (auth_debug){ ++ printf(" Set up PAM environment.\n"); ++ } ++#endif ++ } ++#endif + execv(params[0], params); + com_err(prog_name, errno, _("while trying to execv %s"), + params[0]); ++ if( keep_target_cache ) { ++ sweep_up(ksu_context, cc_target); ++ } + exit (1); + } + } +diff --git a/src/clients/ksu/pam.c b/src/clients/ksu/pam.c +new file mode 100644 +index 000000000..cbfe48704 +--- /dev/null ++++ b/src/clients/ksu/pam.c +@@ -0,0 +1,389 @@ ++/* ++ * src/clients/ksu/pam.c ++ * ++ * Copyright 2007,2009,2010 Red Hat, Inc. ++ * ++ * All Rights Reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions are met: ++ * ++ * Redistributions of source code must retain the above copyright notice, this ++ * list of conditions and the following disclaimer. ++ * ++ * Redistributions in binary form must reproduce the above copyright notice, ++ * this list of conditions and the following disclaimer in the documentation ++ * and/or other materials provided with the distribution. ++ * ++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be ++ * used to endorse or promote products derived from this software without ++ * specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" ++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE ++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++ * POSSIBILITY OF SUCH DAMAGE. ++ * ++ * Convenience wrappers for using PAM. ++ */ ++ ++#include "autoconf.h" ++#ifdef USE_PAM ++#include ++#include ++#include ++#include ++#include ++#include "k5-int.h" ++#include "pam.h" ++ ++#ifndef MAXPWSIZE ++#define MAXPWSIZE 128 ++#endif ++ ++static int appl_pam_started; ++static pid_t appl_pam_starter = -1; ++static int appl_pam_session_opened; ++static int appl_pam_creds_initialized; ++static int appl_pam_pwchange_required; ++static pam_handle_t *appl_pamh; ++static struct pam_conv appl_pam_conv; ++static char *appl_pam_user; ++struct appl_pam_non_interactive_args { ++ const char *user; ++ const char *password; ++}; ++ ++int ++appl_pam_enabled(krb5_context context, const char *section) ++{ ++ int enabled = 1; ++ if ((context != NULL) && (context->profile != NULL)) { ++ if (profile_get_boolean(context->profile, ++ section, ++ USE_PAM_CONFIGURATION_KEYWORD, ++ NULL, ++ enabled, &enabled) != 0) { ++ enabled = 1; ++ } ++ } ++ return enabled; ++} ++ ++void ++appl_pam_cleanup(void) ++{ ++ if (getpid() != appl_pam_starter) { ++ return; ++ } ++#ifdef DEBUG ++ printf("Called to clean up PAM.\n"); ++#endif ++ if (appl_pam_creds_initialized) { ++#ifdef DEBUG ++ printf("Deleting PAM credentials.\n"); ++#endif ++ pam_setcred(appl_pamh, PAM_DELETE_CRED); ++ appl_pam_creds_initialized = 0; ++ } ++ if (appl_pam_session_opened) { ++#ifdef DEBUG ++ printf("Closing PAM session.\n"); ++#endif ++ pam_close_session(appl_pamh, 0); ++ appl_pam_session_opened = 0; ++ } ++ appl_pam_pwchange_required = 0; ++ if (appl_pam_started) { ++#ifdef DEBUG ++ printf("Shutting down PAM.\n"); ++#endif ++ pam_end(appl_pamh, 0); ++ appl_pam_started = 0; ++ appl_pam_starter = -1; ++ free(appl_pam_user); ++ appl_pam_user = NULL; ++ } ++} ++static int ++appl_pam_interactive_converse(int num_msg, const struct pam_message **msg, ++ struct pam_response **presp, void *appdata_ptr) ++{ ++ const struct pam_message *message; ++ struct pam_response *resp; ++ int i, code; ++ char *pwstring, pwbuf[MAXPWSIZE]; ++ unsigned int pwsize; ++ resp = malloc(sizeof(struct pam_response) * num_msg); ++ if (resp == NULL) { ++ return PAM_BUF_ERR; ++ } ++ memset(resp, 0, sizeof(struct pam_response) * num_msg); ++ code = PAM_SUCCESS; ++ for (i = 0; i < num_msg; i++) { ++ message = &(msg[0][i]); /* XXX */ ++ message = msg[i]; /* XXX */ ++ pwstring = NULL; ++ switch (message->msg_style) { ++ case PAM_TEXT_INFO: ++ case PAM_ERROR_MSG: ++ printf("[%s]\n", message->msg ? message->msg : ""); ++ fflush(stdout); ++ resp[i].resp = NULL; ++ resp[i].resp_retcode = PAM_SUCCESS; ++ break; ++ case PAM_PROMPT_ECHO_ON: ++ case PAM_PROMPT_ECHO_OFF: ++ if (message->msg_style == PAM_PROMPT_ECHO_ON) { ++ if (fgets(pwbuf, sizeof(pwbuf), ++ stdin) != NULL) { ++ pwbuf[strcspn(pwbuf, "\r\n")] = '\0'; ++ pwstring = pwbuf; ++ } ++ } else { ++ pwstring = getpass(message->msg ? ++ message->msg : ++ ""); ++ } ++ if ((pwstring != NULL) && (pwstring[0] != '\0')) { ++ pwsize = strlen(pwstring); ++ resp[i].resp = malloc(pwsize + 1); ++ if (resp[i].resp == NULL) { ++ resp[i].resp_retcode = PAM_BUF_ERR; ++ } else { ++ memcpy(resp[i].resp, pwstring, pwsize); ++ resp[i].resp[pwsize] = '\0'; ++ resp[i].resp_retcode = PAM_SUCCESS; ++ } ++ } else { ++ resp[i].resp_retcode = PAM_CONV_ERR; ++ code = PAM_CONV_ERR; ++ } ++ break; ++ default: ++ break; ++ } ++ } ++ *presp = resp; ++ return code; ++} ++static int ++appl_pam_non_interactive_converse(int num_msg, ++ const struct pam_message **msg, ++ struct pam_response **presp, ++ void *appdata_ptr) ++{ ++ const struct pam_message *message; ++ struct pam_response *resp; ++ int i, code; ++ unsigned int pwsize; ++ struct appl_pam_non_interactive_args *args; ++ const char *pwstring; ++ resp = malloc(sizeof(struct pam_response) * num_msg); ++ if (resp == NULL) { ++ return PAM_BUF_ERR; ++ } ++ args = appdata_ptr; ++ memset(resp, 0, sizeof(struct pam_response) * num_msg); ++ code = PAM_SUCCESS; ++ for (i = 0; i < num_msg; i++) { ++ message = &((*msg)[i]); ++ message = msg[i]; ++ pwstring = NULL; ++ switch (message->msg_style) { ++ case PAM_TEXT_INFO: ++ case PAM_ERROR_MSG: ++ break; ++ case PAM_PROMPT_ECHO_ON: ++ case PAM_PROMPT_ECHO_OFF: ++ if (message->msg_style == PAM_PROMPT_ECHO_ON) { ++ /* assume "user" */ ++ pwstring = args->user; ++ } else { ++ /* assume "password" */ ++ pwstring = args->password; ++ } ++ if ((pwstring != NULL) && (pwstring[0] != '\0')) { ++ pwsize = strlen(pwstring); ++ resp[i].resp = malloc(pwsize + 1); ++ if (resp[i].resp == NULL) { ++ resp[i].resp_retcode = PAM_BUF_ERR; ++ } else { ++ memcpy(resp[i].resp, pwstring, pwsize); ++ resp[i].resp[pwsize] = '\0'; ++ resp[i].resp_retcode = PAM_SUCCESS; ++ } ++ } else { ++ resp[i].resp_retcode = PAM_CONV_ERR; ++ code = PAM_CONV_ERR; ++ } ++ break; ++ default: ++ break; ++ } ++ } ++ *presp = resp; ++ return code; ++} ++static int ++appl_pam_start(const char *service, int interactive, ++ const char *login_username, ++ const char *non_interactive_password, ++ const char *hostname, ++ const char *ruser, ++ const char *tty) ++{ ++ static int exit_handler_registered; ++ static struct appl_pam_non_interactive_args args; ++ int ret = 0; ++ if (appl_pam_started && ++ (strcmp(login_username, appl_pam_user) != 0)) { ++ appl_pam_cleanup(); ++ appl_pam_user = NULL; ++ } ++ if (!appl_pam_started) { ++#ifdef DEBUG ++ printf("Starting PAM up (service=\"%s\",user=\"%s\").\n", ++ service, login_username); ++#endif ++ memset(&appl_pam_conv, 0, sizeof(appl_pam_conv)); ++ appl_pam_conv.conv = interactive ? ++ &appl_pam_interactive_converse : ++ &appl_pam_non_interactive_converse; ++ memset(&args, 0, sizeof(args)); ++ args.user = strdup(login_username); ++ args.password = non_interactive_password ? ++ strdup(non_interactive_password) : ++ NULL; ++ appl_pam_conv.appdata_ptr = &args; ++ ret = pam_start(service, login_username, ++ &appl_pam_conv, &appl_pamh); ++ if (ret == 0) { ++ if (hostname != NULL) { ++#ifdef DEBUG ++ printf("Setting PAM_RHOST to \"%s\".\n", hostname); ++#endif ++ pam_set_item(appl_pamh, PAM_RHOST, hostname); ++ } ++ if (ruser != NULL) { ++#ifdef DEBUG ++ printf("Setting PAM_RUSER to \"%s\".\n", ruser); ++#endif ++ pam_set_item(appl_pamh, PAM_RUSER, ruser); ++ } ++ if (tty != NULL) { ++#ifdef DEBUG ++ printf("Setting PAM_TTY to \"%s\".\n", tty); ++#endif ++ pam_set_item(appl_pamh, PAM_TTY, tty); ++ } ++ if (!exit_handler_registered && ++ (atexit(appl_pam_cleanup) != 0)) { ++ pam_end(appl_pamh, 0); ++ appl_pamh = NULL; ++ ret = -1; ++ } else { ++ appl_pam_started = 1; ++ appl_pam_starter = getpid(); ++ appl_pam_user = strdup(login_username); ++ exit_handler_registered = 1; ++ } ++ } ++ } ++ return ret; ++} ++int ++appl_pam_acct_mgmt(const char *service, int interactive, ++ const char *login_username, ++ const char *non_interactive_password, ++ const char *hostname, ++ const char *ruser, ++ const char *tty) ++{ ++ int ret; ++ appl_pam_pwchange_required = 0; ++ ret = appl_pam_start(service, interactive, login_username, ++ non_interactive_password, hostname, ruser, tty); ++ if (ret == 0) { ++#ifdef DEBUG ++ printf("Calling pam_acct_mgmt().\n"); ++#endif ++ ret = pam_acct_mgmt(appl_pamh, 0); ++ switch (ret) { ++ case PAM_IGNORE: ++ ret = 0; ++ break; ++ case PAM_NEW_AUTHTOK_REQD: ++ appl_pam_pwchange_required = 1; ++ ret = 0; ++ break; ++ default: ++ break; ++ } ++ } ++ return ret; ++} ++int ++appl_pam_requires_chauthtok(void) ++{ ++ return appl_pam_pwchange_required; ++} ++int ++appl_pam_session_open(void) ++{ ++ int ret = 0; ++ if (appl_pam_started) { ++#ifdef DEBUG ++ printf("Opening PAM session.\n"); ++#endif ++ ret = pam_open_session(appl_pamh, 0); ++ if (ret == 0) { ++ appl_pam_session_opened = 1; ++ } ++ } ++ return ret; ++} ++int ++appl_pam_setenv(void) ++{ ++ int ret = 0; ++#ifdef HAVE_PAM_GETENVLIST ++#ifdef HAVE_PUTENV ++ int i; ++ char **list; ++ if (appl_pam_started) { ++ list = pam_getenvlist(appl_pamh); ++ for (i = 0; ((list != NULL) && (list[i] != NULL)); i++) { ++#ifdef DEBUG ++ printf("Setting \"%s\" in environment.\n", list[i]); ++#endif ++ putenv(list[i]); ++ } ++ } ++#endif ++#endif ++ return ret; ++} ++int ++appl_pam_cred_init(void) ++{ ++ int ret = 0; ++ if (appl_pam_started) { ++#ifdef DEBUG ++ printf("Initializing PAM credentials.\n"); ++#endif ++ ret = pam_setcred(appl_pamh, PAM_ESTABLISH_CRED); ++ if (ret == 0) { ++ appl_pam_creds_initialized = 1; ++ } ++ } ++ return ret; ++} ++#endif +diff --git a/src/clients/ksu/pam.h b/src/clients/ksu/pam.h +new file mode 100644 +index 000000000..0ab76569c +--- /dev/null ++++ b/src/clients/ksu/pam.h +@@ -0,0 +1,57 @@ ++/* ++ * src/clients/ksu/pam.h ++ * ++ * Copyright 2007,2009,2010 Red Hat, Inc. ++ * ++ * All Rights Reserved. ++ * ++ * Redistribution and use in source and binary forms, with or without ++ * modification, are permitted provided that the following conditions are met: ++ * ++ * Redistributions of source code must retain the above copyright notice, this ++ * list of conditions and the following disclaimer. ++ * ++ * Redistributions in binary form must reproduce the above copyright notice, ++ * this list of conditions and the following disclaimer in the documentation ++ * and/or other materials provided with the distribution. ++ * ++ * Neither the name of Red Hat, Inc. nor the names of its contributors may be ++ * used to endorse or promote products derived from this software without ++ * specific prior written permission. ++ * ++ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" ++ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE ++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ++ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE ++ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR ++ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF ++ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS ++ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN ++ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE ++ * POSSIBILITY OF SUCH DAMAGE. ++ * ++ * Convenience wrappers for using PAM. ++ */ ++ ++#include ++#ifdef HAVE_SECURITY_PAM_APPL_H ++#include ++#endif ++ ++#define USE_PAM_CONFIGURATION_KEYWORD "use_pam" ++ ++#ifdef USE_PAM ++int appl_pam_enabled(krb5_context context, const char *section); ++int appl_pam_acct_mgmt(const char *service, int interactive, ++ const char *local_username, ++ const char *non_interactive_password, ++ const char *hostname, ++ const char *ruser, ++ const char *tty); ++int appl_pam_requires_chauthtok(void); ++int appl_pam_session_open(void); ++int appl_pam_setenv(void); ++int appl_pam_cred_init(void); ++void appl_pam_cleanup(void); ++#endif +diff --git a/src/configure.ac b/src/configure.ac +index 4eb080784..693f76a81 100644 +--- a/src/configure.ac ++++ b/src/configure.ac +@@ -1389,6 +1389,8 @@ AC_SUBST([VERTO_VERSION]) + + AC_PATH_PROG(GROFF, groff) + ++KRB5_WITH_PAM ++ + # Make localedir work in autoconf 2.5x. + if test "${localedir+set}" != set; then + localedir='$(datadir)/locale' diff --git a/SOURCES/downstream-netlib-and-dns.patch b/SOURCES/downstream-netlib-and-dns.patch new file mode 100644 index 0000000..de4f9bf --- /dev/null +++ b/SOURCES/downstream-netlib-and-dns.patch @@ -0,0 +1,24 @@ +From ad123366e5fb2694cf6d9f4f292a001a761b78fa Mon Sep 17 00:00:00 2001 +From: Robbie Harwood +Date: Tue, 23 Aug 2016 16:46:21 -0400 +Subject: [PATCH] [downstream] netlib and dns + +We want to be able to use --with-netlib and --enable-dns at the same time. + +Last-updated: krb5-1.3.1 +--- + src/aclocal.m4 | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/aclocal.m4 b/src/aclocal.m4 +index 5afb96e58..4a4d460e3 100644 +--- a/src/aclocal.m4 ++++ b/src/aclocal.m4 +@@ -718,6 +718,7 @@ AC_HELP_STRING([--with-netlib=LIBS], use user defined resolver library), + LIBS="$LIBS $withval" + AC_MSG_RESULT("netlib will use \'$withval\'") + fi ++ KRB5_AC_ENABLE_DNS + ],dnl + [AC_LIBRARY_NET] + )])dnl diff --git a/SOURCES/kadm5.acl b/SOURCES/kadm5.acl new file mode 100644 index 0000000..dc93eb0 --- /dev/null +++ b/SOURCES/kadm5.acl @@ -0,0 +1 @@ +*/admin@EXAMPLE.COM * diff --git a/SOURCES/kadmin.service b/SOURCES/kadmin.service new file mode 100644 index 0000000..daa08b1 --- /dev/null +++ b/SOURCES/kadmin.service @@ -0,0 +1,15 @@ +[Unit] +Description=Kerberos 5 Password-changing and Administration +Wants=network-online.target +After=syslog.target network.target network-online.target +AssertPathExists=!/var/kerberos/krb5kdc/kpropd.acl + +[Service] +Type=forking +PIDFile=/run/kadmind.pid +EnvironmentFile=-/etc/sysconfig/kadmin +ExecStart=/usr/sbin/kadmind -P /run/kadmind.pid $KADMIND_ARGS +ExecReload=/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/kadmin.sysconfig b/SOURCES/kadmin.sysconfig new file mode 100644 index 0000000..fa72039 --- /dev/null +++ b/SOURCES/kadmin.sysconfig @@ -0,0 +1 @@ +KADMIND_ARGS= diff --git a/SOURCES/kadmind.logrotate b/SOURCES/kadmind.logrotate new file mode 100644 index 0000000..f00aa4d --- /dev/null +++ b/SOURCES/kadmind.logrotate @@ -0,0 +1,9 @@ +/var/log/kadmind.log { + missingok + notifempty + monthly + rotate 12 + postrotate + systemctl reload kadmin.service || true + endscript +} diff --git a/SOURCES/kdc.conf b/SOURCES/kdc.conf new file mode 100644 index 0000000..5d1571d --- /dev/null +++ b/SOURCES/kdc.conf @@ -0,0 +1,14 @@ +[kdcdefaults] + kdc_ports = 88 + kdc_tcp_ports = 88 + spake_preauth_kdc_challenge = edwards25519 + +[realms] +EXAMPLE.COM = { + #master_key_type = aes256-cts + acl_file = /var/kerberos/krb5kdc/kadm5.acl + dict_file = /usr/share/dict/words + default_principal_flags = +preauth + admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab + supported_enctypes = aes256-cts:normal aes128-cts:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal +} diff --git a/SOURCES/kprop.service b/SOURCES/kprop.service new file mode 100644 index 0000000..7b5d4b9 --- /dev/null +++ b/SOURCES/kprop.service @@ -0,0 +1,13 @@ +[Unit] +Description=Kerberos 5 Propagation +Wants=network-online.target +After=syslog.target network.target network-online.target +AssertPathExists=/var/kerberos/krb5kdc/kpropd.acl + +[Service] +Type=forking +EnvironmentFile=-/etc/sysconfig/kprop +ExecStart=/usr/sbin/kpropd $KPROPD_ARGS + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/kprop.sysconfig b/SOURCES/kprop.sysconfig new file mode 100644 index 0000000..f43e8bb --- /dev/null +++ b/SOURCES/kprop.sysconfig @@ -0,0 +1 @@ +KPROPD_ARGS= diff --git a/SOURCES/krb5-1.19.1.tar.gz.asc b/SOURCES/krb5-1.19.1.tar.gz.asc new file mode 100644 index 0000000..dbd55f2 --- /dev/null +++ b/SOURCES/krb5-1.19.1.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEExEk8tzn0qJ+YUsvCDLoIV1+Dct8FAmAuntAACgkQDLoIV1+D +ct8TIhAArFittFBcz4ZfMxqhHVGdK6kOeQXrrV27d3FW6y28BvS7yHJ8CkyK+I3g +4rsaaf7srkH8jaiCjmjHC2rWJIuceOwkD4GRqXtb2CiqKxXI9eZ+g9ipB7DGKixg ++1nki7mOhd3oaeUkCRFXgyiOqSE/ird7/itLYzEoAroLpTazNp6Kk4gXmhJIENlq +dj1God+JxhuwzzWZRdsy2SyvMQPQMOTIilsXRboObZFvPrhZKkJmgNm+RzU/YRSg +/1Po7takBXq8qhgnwPHTnTPb+BYRdrqQc/a2WcmEdgbzeMpijNmkFsgAFeKDijSz +1nmFO4SQd/rAfgUovkDd+GMAYZ6DCLFqoI/WeKOgCrRMxJMMRbLlr48bTvMwjuIl +xE5gy8h2Iju/UP1lxz8KheCm/FyNzNw4pe74zbGgK5fdiEQ8xNlKZOs9LRrtvyfL +j1G+IX6cK+5yTo/NceYjnHVAatbuW6C6xJmsIQ1GYdMPvto7Wctq/4/BmwxqgFAJ +HCPuQgAGi875JpPYvi/c3tioRiIPwOz54CXCrcFyKELvgHi6lGN6MRNSzAP4QdA0 +HlXZQ4/4NFOJxjLGu9ZXKUbYPaGizhI+ayzg5/RJLHPIgW7yLvwFqkBIa1xs26bA +xiP5JKuDC4mqDPwVjwpufkUBH6SoBFnbiIWEYSKVPLJFw+Dbhv0= +=PP6r +-----END PGP SIGNATURE----- diff --git a/SOURCES/krb5-krb5kdc.conf b/SOURCES/krb5-krb5kdc.conf new file mode 100644 index 0000000..5160b28 --- /dev/null +++ b/SOURCES/krb5-krb5kdc.conf @@ -0,0 +1 @@ +d /run/krb5kdc 0755 root root diff --git a/SOURCES/krb5.conf b/SOURCES/krb5.conf new file mode 100644 index 0000000..5e474d1 --- /dev/null +++ b/SOURCES/krb5.conf @@ -0,0 +1,30 @@ +# To opt out of the system crypto-policies configuration of krb5, remove the +# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated. +includedir /etc/krb5.conf.d/ + +[logging] + default = FILE:/var/log/krb5libs.log + kdc = FILE:/var/log/krb5kdc.log + admin_server = FILE:/var/log/kadmind.log + +[libdefaults] + dns_lookup_realm = false + ticket_lifetime = 24h + renew_lifetime = 7d + forwardable = true + rdns = false + pkinit_anchors = FILE:/etc/pki/tls/certs/ca-bundle.crt + spake_preauth_groups = edwards25519 + dns_canonicalize_hostname = fallback + qualify_shortname = "" +# default_realm = EXAMPLE.COM + +[realms] +# EXAMPLE.COM = { +# kdc = kerberos.example.com +# admin_server = kerberos.example.com +# } + +[domain_realm] +# .example.com = EXAMPLE.COM +# example.com = EXAMPLE.COM diff --git a/SOURCES/krb5kdc.logrotate b/SOURCES/krb5kdc.logrotate new file mode 100644 index 0000000..cfc4539 --- /dev/null +++ b/SOURCES/krb5kdc.logrotate @@ -0,0 +1,9 @@ +/var/log/krb5kdc.log { + missingok + notifempty + monthly + rotate 12 + postrotate + systemctl reload krb5kdc.service || true + endscript +} diff --git a/SOURCES/krb5kdc.service b/SOURCES/krb5kdc.service new file mode 100644 index 0000000..40e23d6 --- /dev/null +++ b/SOURCES/krb5kdc.service @@ -0,0 +1,14 @@ +[Unit] +Description=Kerberos 5 KDC +Wants=network-online.target +After=syslog.target network.target network-online.target + +[Service] +Type=forking +PIDFile=/run/krb5kdc.pid +EnvironmentFile=-/etc/sysconfig/krb5kdc +ExecStart=/usr/sbin/krb5kdc -P /run/krb5kdc.pid $KRB5KDC_ARGS +ExecReload=/bin/kill -HUP $MAINPID + +[Install] +WantedBy=multi-user.target diff --git a/SOURCES/krb5kdc.sysconfig b/SOURCES/krb5kdc.sysconfig new file mode 100644 index 0000000..791216d --- /dev/null +++ b/SOURCES/krb5kdc.sysconfig @@ -0,0 +1 @@ +KRB5KDC_ARGS= diff --git a/SOURCES/ksu.pamd b/SOURCES/ksu.pamd new file mode 100644 index 0000000..66f5b2c --- /dev/null +++ b/SOURCES/ksu.pamd @@ -0,0 +1,4 @@ +#%PAM-1.0 +auth include su +account include su +session include su diff --git a/SPECS/krb5.spec b/SPECS/krb5.spec new file mode 100644 index 0000000..c970b4c --- /dev/null +++ b/SPECS/krb5.spec @@ -0,0 +1,4095 @@ +%bcond_without check +%if %{without check} +%global skipcheck 1 +%endif + +# COPR doesn't work right with the tests. I suspect keyring issues, +# but can't actually debug, so... +%if 0%{?copr_username:1} +%global skipcheck 1 +%endif + +# There are 0 test machines for this architecture, very few builders, and +# they're not very well provisioned / maintained. I can't support it. +# Patches welcome, but there's nothing I can do - it fails more than half the +# for "infrastructure issues" that I can't hope to debug. +%ifarch s390x +%global skipcheck 1 +%endif + +# RHEL runs upstream's test suite in a separate pass after build. +%if 0%{?rhel} +%global skipcheck 1 +%endif + +# Set this so that find-lang.sh will recognize the .po files. +%global gettext_domain mit-krb5 +# Guess where the -libs subpackage's docs are going to go. +%define libsdocdir %{?_pkgdocdir:%(echo %{_pkgdocdir} | sed -e s,krb5,krb5-libs,g)}%{!?_pkgdocdir:%{_docdir}/%{name}-libs-%{version}} +# Figure out where the default ccache lives and how we set it. +%global configure_default_ccache_name 1 +%global configured_default_ccache_name KEYRING:persistent:%%{uid} + +# for prereleases, % global prerelease beta1 +%if %{defined prerelease} +%global dashpre -%{prerelease} +%global zdpd 0.%{prerelease}. +%endif + +# Should be in form 5.0, 6.1, etc. +%global kdbversion 8.0 + +Summary: The Kerberos network authentication system +Name: krb5 +Version: 1.19.1 +Release: %{?zdpd}11%{?dist}.1 + +# rharwood has trust path to signing key and verifies on check-in +Source0: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz +Source1: https://web.mit.edu/kerberos/dist/krb5/%{version}/krb5-%{version}%{?dashpre}.tar.gz.asc + +# Numbering is a relic of old init systems etc. It's easiest to just leave. +Source2: kprop.service +Source4: kadmin.service +Source5: krb5kdc.service +Source6: krb5.conf +Source10: kdc.conf +Source11: kadm5.acl +Source19: krb5kdc.sysconfig +Source20: kadmin.sysconfig +Source21: kprop.sysconfig +Source29: ksu.pamd +Source33: krb5kdc.logrotate +Source34: kadmind.logrotate +Source39: krb5-krb5kdc.conf + +Patch0: downstream-ksu-pam-integration.patch +Patch1: downstream-SELinux-integration.patch +Patch3: downstream-netlib-and-dns.patch +Patch4: downstream-fix-debuginfo-with-y.tab.c.patch +Patch5: downstream-Remove-3des-support.patch +Patch7: downstream-FIPS-with-PRNG-and-RADIUS-and-MD4.patch +Patch8: Add-APIs-for-marshalling-credentials.patch +Patch9: Add-hostname-canonicalization-helper-to-k5test.py.patch +Patch10: Support-host-based-GSS-initiator-names.patch +Patch11: Fix-softpkcs11-build-issues-with-openssl-3.0.patch +Patch12: Remove-deprecated-OpenSSL-calls-from-softpkcs11.patch +Patch13: Fix-k5tls-module-for-OpenSSL-3.patch +Patch14: Add-buildsystem-detection-of-the-OpenSSL-3-KDF-inter.patch +Patch15: Use-OpenSSL-s-SSKDF-in-PKINIT-when-available.patch +Patch16: Use-OpenSSL-s-KBKDF-and-KRB5KDF-for-deriving-long-te.patch +Patch17: Handle-OpenSSL-3-s-providers.patch +Patch18: Add-KCM_OP_GET_CRED_LIST-for-faster-iteration.patch +Patch19: Fix-KCM-flag-transmission-for-remove_cred.patch +Patch20: Make-KCM-iteration-fallback-work-with-sssd-kcm.patch +Patch21: Use-KCM_OP_RETRIEVE-in-KCM-client.patch +Patch22: Fix-KCM-retrieval-support-for-sssd.patch +Patch23: Move-some-dejagnu-kadmin-tests-to-Python-tests.patch +Patch24: Fix-some-principal-realm-canonicalization-cases.patch +Patch25: Allow-kinit-with-keytab-to-defer-canonicalization.patch +Patch26: Fix-kadmin-k-with-fallback-or-referral-realm.patch +Patch27: Fix-KDC-null-deref-on-bad-encrypted-challenge.patch + +License: MIT +URL: https://web.mit.edu/kerberos/www/ +BuildRequires: autoconf, bison, make, flex, gawk, gettext, pkgconfig, sed +BuildRequires: gcc, gcc-c++ +BuildRequires: libcom_err-devel, libedit-devel, libss-devel +BuildRequires: gzip, ncurses-devel +BuildRequires: python3, python3-sphinx +BuildRequires: keyutils, keyutils-libs-devel >= 1.5.8 +BuildRequires: libselinux-devel +BuildRequires: pam-devel +BuildRequires: systemd-units +BuildRequires: tcl-devel +BuildRequires: libverto-devel +BuildRequires: openldap-devel +BuildRequires: lmdb-devel +BuildRequires: perl-interpreter + +# For autosetup +BuildRequires: git + +%if 0%{?skipcheck} +%else +BuildRequires: dejagnu +BuildRequires: net-tools, rpcbind +BuildRequires: hostname +BuildRequires: iproute +BuildRequires: python3-pyrad +%endif + +# Need KDFs. This is the "real" version +BuildRequires: openssl-devel >= 1:3.0.0 + +%description +Kerberos V5 is a trusted-third-party network authentication system, +which can improve your network's security by eliminating the insecure +practice of sending passwords over the network in unencrypted form. + +%package devel +Summary: Development files needed to compile Kerberos 5 programs +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: libkadm5%{?_isa} = %{version}-%{release} +Requires: libcom_err-devel +Requires: keyutils-libs-devel, libselinux-devel +Requires: libverto-devel +Provides: krb5-kdb-devel-version = %{kdbversion} +# IPA wants ^ to be a separate symbol because they don't trust package +# managers to match -server and -devel in version. Just go with it. + +%description devel +Kerberos is a network authentication system. The krb5-devel package +contains the header files and libraries needed for compiling Kerberos +5 programs. If you want to develop Kerberos-aware programs, you need +to install this package. + +%package libs +Summary: The non-admin shared libraries used by Kerberos 5 +Requires: openssl-libs >= 1:3.0.0 +Requires: coreutils, gawk, grep, sed +Requires: keyutils-libs >= 1.5.8 +Requires: /etc/crypto-policies/back-ends/krb5.config + +%description libs +Kerberos is a network authentication system. The krb5-libs package +contains the shared libraries needed by Kerberos 5. If you are using +Kerberos, you need to install this package. + +%package server +Summary: The KDC and related programs for Kerberos 5 +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-pkinit%{?_isa} = %{version}-%{release} +Requires(post): systemd-units +Requires(preun): systemd-units +Requires(postun): systemd-units +# we drop files in its directory, but we don't want to own that directory +Requires: logrotate +# we specify /usr/share/dict/words as the default dict_file in kdc.conf +Requires: /usr/share/dict/words +# for run-time, and for parts of the test suite +BuildRequires: libverto-module-base +Requires: libverto-module-base +Requires: libkadm5%{?_isa} = %{version}-%{release} +Provides: krb5-kdb-version = %{kdbversion} + +%description server +Kerberos is a network authentication system. The krb5-server package +contains the programs that must be installed on a Kerberos 5 key +distribution center (KDC). If you are installing a Kerberos 5 KDC, +you need to install this package (in other words, most people should +NOT install this package). + +%package server-ldap +Summary: The LDAP storage plugin for the Kerberos 5 KDC +Requires: %{name}-server%{?_isa} = %{version}-%{release} +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: libkadm5%{?_isa} = %{version}-%{release} + +%description server-ldap +Kerberos is a network authentication system. The krb5-server package +contains the programs that must be installed on a Kerberos 5 key +distribution center (KDC). If you are installing a Kerberos 5 KDC, +and you wish to use a directory server to store the data for your +realm, you need to install this package. + +%package workstation +Summary: Kerberos 5 programs for use on workstations +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Requires: %{name}-pkinit%{?_isa} = %{version}-%{release} +Requires: libkadm5%{?_isa} = %{version}-%{release} + +%description workstation +Kerberos is a network authentication system. The krb5-workstation +package contains the basic Kerberos programs (kinit, klist, kdestroy, +kpasswd). If your network uses Kerberos, this package should be +installed on every workstation. + +%package pkinit +Summary: The PKINIT module for Kerberos 5 +Requires: %{name}-libs%{?_isa} = %{version}-%{release} +Obsoletes: krb5-pkinit-openssl < %{version}-%{release} +Provides: krb5-pkinit-openssl = %{version}-%{release} + +%description pkinit +Kerberos is a network authentication system. The krb5-pkinit +package contains the PKINIT plugin, which allows clients +to obtain initial credentials from a KDC using a private key and a +certificate. + +%package -n libkadm5 +Summary: Kerberos 5 Administrative libraries +Requires: %{name}-libs%{?_isa} = %{version}-%{release} + +%description -n libkadm5 +Kerberos is a network authentication system. The libkadm5 package +contains only the libkadm5clnt and libkadm5serv shared objects. This +interface is not considered stable. + +%prep +%autosetup -S git_am -n %{name}-%{version}%{?dashpre} +ln NOTICE LICENSE + +# Generate an FDS-compatible LDIF file. +inldif=src/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif +cat > '60kerberos.ldif' << EOF +# This is a variation on kerberos.ldif which 389 Directory Server will like. +dn: cn=schema +EOF +grep -Eiv '(^$|^dn:|^changetype:|^add:)' $inldif >> 60kerberos.ldif +touch -r $inldif 60kerberos.ldif + +# Rebuild the configure scripts. +pushd src +autoreconf -fiv +popd + +# Mess with some of the default ports that we use for testing, so that multiple +# builds going on the same host don't step on each other. +cfg="src/kadmin/testing/proto/kdc.conf.proto \ + src/kadmin/testing/proto/krb5.conf.proto \ + src/lib/kadm5/unit-test/api.current/init-v2.exp \ + src/util/k5test.py" +LONG_BIT=`getconf LONG_BIT` +PORT=`expr 61000 + $LONG_BIT - 48` +sed -i -e s,61000,`expr "$PORT" + 0`,g $cfg +PORT=`expr 1750 + $LONG_BIT - 48` +sed -i -e s,1750,`expr "$PORT" + 0`,g $cfg +sed -i -e s,1751,`expr "$PORT" + 1`,g $cfg +sed -i -e s,1752,`expr "$PORT" + 2`,g $cfg +PORT=`expr 8888 + $LONG_BIT - 48` +sed -i -e s,8888,`expr "$PORT" - 0`,g $cfg +sed -i -e s,8887,`expr "$PORT" - 1`,g $cfg +sed -i -e s,8886,`expr "$PORT" - 2`,g $cfg +PORT=`expr 7777 + $LONG_BIT - 48` +sed -i -e s,7777,`expr "$PORT" + 0`,g $cfg +sed -i -e s,7778,`expr "$PORT" + 1`,g $cfg + +%build +# Go ahead and supply tcl info, because configure doesn't know how to find it. +source %{_libdir}/tclConfig.sh +pushd src + +# This should be safe to remove once we have autoconf >= 2.70 +export runstatedir=/run + +# Work out the CFLAGS and CPPFLAGS which we intend to use. +INCLUDES=-I%{_includedir}/et +CFLAGS="`echo $RPM_OPT_FLAGS $DEFINES $INCLUDES -fPIC -fno-strict-aliasing -fstack-protector-all`" +CPPFLAGS="`echo $DEFINES $INCLUDES`" +%configure \ + CC="%{__cc}" \ + CFLAGS="$CFLAGS" \ + CPPFLAGS="$CPPFLAGS" \ + SS_LIB="-lss" \ + --enable-shared \ + --runstatedir=/run \ + --localstatedir=%{_var}/kerberos \ + --disable-rpath \ + --without-krb5-config \ + --with-system-et \ + --with-system-ss \ + --with-netlib=-lresolv \ + --with-tcl \ + --enable-dns-for-realm \ + --with-ldap \ + --with-dirsrv-account-locking \ + --enable-pkinit \ + --with-crypto-impl=openssl \ + --with-tls-impl=openssl \ + --with-system-verto \ + --with-pam \ + --with-selinux \ + --with-prng-alg=os \ + --with-lmdb \ + || (cat config.log; exit 1) + +# Sanity check the KDC_RUN_DIR. +pushd include +make osconf.h +popd +configured_dir=`grep KDC_RUN_DIR include/osconf.h | awk '{print $NF}'` +configured_dir=`eval echo $configured_dir` +if test "$configured_dir" != /run/krb5kdc ; then + echo Failed to configure KDC_RUN_DIR. + exit 1 +fi + +# Build fast, but get better errors if we fail +make %{?_smp_mflags} || make -j1 +popd + +# Build the docs. +make -C src/doc paths.py version.py +cp src/doc/paths.py doc/ +mkdir -p build-man build-html +sphinx-build -a -b man -t pathsubs doc build-man +sphinx-build -a -b html -t pathsubs doc build-html +rm -fr build-html/_sources + +%if 0%{?skipcheck} +%else +%check +pushd src + +# The build system may give us a revoked session keyring, so run affected +# tests with a new one. +keyctl session - make check OFFLINE=yes TMPDIR=%{_tmppath} +popd +%endif + +%install +[ "$RPM_BUILD_ROOT" != '/' ] && rm -rf -- "$RPM_BUILD_ROOT" + +# Sample KDC config files (bundled kdc.conf and kadm5.acl). +mkdir -p $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc +install -pm 600 %{SOURCE10} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/ +install -pm 600 %{SOURCE11} $RPM_BUILD_ROOT%{_var}/kerberos/krb5kdc/ + +# Where per-user keytabs live by default. +mkdir -p $RPM_BUILD_ROOT%{_var}/kerberos/krb5/user + +# Default configuration file for everything. +mkdir -p $RPM_BUILD_ROOT/etc +install -pm 644 %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf + +# Default include on this directory +mkdir -p $RPM_BUILD_ROOT/etc/krb5.conf.d +ln -sv /etc/crypto-policies/back-ends/krb5.config $RPM_BUILD_ROOT/etc/krb5.conf.d/crypto-policies + +# Parent of configuration file for list of loadable GSS mechs ("mechs"). This +# location is not relative to sysconfdir, but is hard-coded in g_initialize.c. +mkdir -m 755 -p $RPM_BUILD_ROOT/etc/gss +# Parent of groups of configuration files for a list of loadable GSS mechs +# ("mechs"). This location is not relative to sysconfdir, and is also +# hard-coded in g_initialize.c. +mkdir -m 755 -p $RPM_BUILD_ROOT/etc/gss/mech.d + +# If the default configuration needs to start specifying a default cache +# location, add it now, then fixup the timestamp so that it looks the same. +%if 0%{?configure_default_ccache_name} +export DEFCCNAME="%{configured_default_ccache_name}" +awk '{print} + /^# default_realm/{print " default_ccache_name =", ENVIRON["DEFCCNAME"]}' \ + %{SOURCE6} > $RPM_BUILD_ROOT/etc/krb5.conf +touch -r %{SOURCE6} $RPM_BUILD_ROOT/etc/krb5.conf +grep default_ccache_name $RPM_BUILD_ROOT/etc/krb5.conf +%endif + +# Server init scripts (krb5kdc,kadmind,kpropd) and their sysconfig files. +mkdir -p $RPM_BUILD_ROOT%{_unitdir} +for unit in \ + %{SOURCE5}\ + %{SOURCE4} \ + %{SOURCE2} ; do + # In the past, the init script was supposed to be named after the service + # that the started daemon provided. Changing their names is an + # upgrade-time problem I'm in no hurry to deal with. + install -pm 644 ${unit} $RPM_BUILD_ROOT%{_unitdir} +done +mkdir -p $RPM_BUILD_ROOT/%{_tmpfilesdir} +install -pm 644 %{SOURCE39} $RPM_BUILD_ROOT/%{_tmpfilesdir}/ +mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/krb5kdc + +mkdir -p $RPM_BUILD_ROOT/etc/sysconfig +for sysconfig in %{SOURCE19} %{SOURCE20} %{SOURCE21} ; do + install -pm 644 ${sysconfig} \ + $RPM_BUILD_ROOT/etc/sysconfig/`basename ${sysconfig} .sysconfig` +done + +# logrotate configuration files +mkdir -p $RPM_BUILD_ROOT/etc/logrotate.d/ +for logrotate in \ + %{SOURCE33} \ + %{SOURCE34} ; do + install -pm 644 ${logrotate} \ + $RPM_BUILD_ROOT/etc/logrotate.d/`basename ${logrotate} .logrotate` +done + +# PAM configuration files. +mkdir -p $RPM_BUILD_ROOT/etc/pam.d/ +for pam in %{SOURCE29} ; do + install -pm 644 ${pam} \ + $RPM_BUILD_ROOT/etc/pam.d/`basename ${pam} .pamd` +done + +# Plug-in directories. +install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/preauth +install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/kdb +install -pdm 755 $RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/authdata + +# The rest of the binaries, headers, libraries, and docs. +%make_install -C src EXAMPLEDIR=%{libsdocdir}/examples + +# Munge krb5-config yet again. This is totally wrong for 64-bit, but chunks +# of the buildconf patch already conspire to strip out /usr/ from the +# list of link flags, and it helps prevent file conflicts on multilib systems. +sed -r -i -e 's|^libdir=/usr/lib(64)?$|libdir=/usr/lib|g' $RPM_BUILD_ROOT%{_bindir}/krb5-config + +# Temporay workaround for krb5-config reading too much from LDFLAGS. +# Upstream: http://krbdev.mit.edu/rt/Ticket/Display.html?id=8159 +sed -r -i -e "s/-specs=\/.+?\/redhat-hardened-ld//g" $RPM_BUILD_ROOT%{_bindir}/krb5-config + +if [[ "$(< $RPM_BUILD_ROOT%{_bindir}/krb5-config )" == *redhat-hardened-ld* ]] ; then + printf '# redhat-hardened-ld for krb5-config failed' 1>&2 + exit 1 +fi + +# Install processed man pages. +for section in 1 5 8 ; do + install -m 644 build-man/*.${section} \ + $RPM_BUILD_ROOT/%{_mandir}/man${section}/ +done + +# I'm tired of warnings about these not having man pages +rm -- "$RPM_BUILD_ROOT/%{_sbindir}/krb5-send-pr" +rm -- "$RPM_BUILD_ROOT/%{_sbindir}/sim_server" +rm -- "$RPM_BUILD_ROOT/%{_sbindir}/gss-server" +rm -- "$RPM_BUILD_ROOT/%{_sbindir}/uuserver" +rm -- "$RPM_BUILD_ROOT/%{_bindir}/sim_client" +rm -- "$RPM_BUILD_ROOT/%{_bindir}/gss-client" +rm -- "$RPM_BUILD_ROOT/%{_bindir}/uuclient" + +# These files are already packaged elsewhere +rm -- "$RPM_BUILD_ROOT/%{_docdir}/krb5-libs/examples/kdc.conf" +rm -- "$RPM_BUILD_ROOT/%{_docdir}/krb5-libs/examples/krb5.conf" +rm -- "$RPM_BUILD_ROOT/%{_docdir}/krb5-libs/examples/services.append" + +# This is only needed for tests +rm -- "$RPM_BUILD_ROOT/%{_libdir}/krb5/plugins/preauth/test.so" + +%find_lang %{gettext_domain} + +%ldconfig_scriptlets libs + +%triggerun libs -- krb5-libs < 1.15.1-5 +if ! grep -q 'includedir /etc/krb5.conf.d' /etc/krb5.conf ; then + sed -i '1i # To opt out of the system crypto-policies configuration of krb5, remove the\n# symlink at /etc/krb5.conf.d/crypto-policies which will not be recreated.\nincludedir /etc/krb5.conf.d/\n' /etc/krb5.conf +fi +exit 0 + +%ldconfig_scriptlets server-ldap + +%post server +%systemd_post krb5kdc.service kadmin.service kprop.service +# assert sanity. A cleaner solution probably exists but it is opaque +/bin/systemctl daemon-reload +exit 0 + +%preun server +%systemd_preun krb5kdc.service kadmin.service kprop.service +exit 0 + +%postun server +%systemd_postun_with_restart krb5kdc.service kadmin.service kprop.service +exit 0 + +%ldconfig_scriptlets -n libkadm5 + +%files workstation +%doc src/config-files/services.append +%doc src/config-files/krb5.conf +%doc build-html/* +%attr(0755,root,root) %doc src/config-files/convert-config-files + +# Clients of the KDC, including tools you're likely to need if you're running +# app servers other than those built from this source package. +%{_bindir}/kdestroy +%{_mandir}/man1/kdestroy.1* +%{_bindir}/kinit +%{_mandir}/man1/kinit.1* +%{_bindir}/klist +%{_mandir}/man1/klist.1* +%{_bindir}/kpasswd +%{_mandir}/man1/kpasswd.1* +%{_bindir}/kswitch +%{_mandir}/man1/kswitch.1* + +%{_bindir}/kvno +%{_mandir}/man1/kvno.1* +%{_bindir}/kadmin +%{_mandir}/man1/kadmin.1* +%{_bindir}/k5srvutil +%{_mandir}/man1/k5srvutil.1* +%{_bindir}/ktutil +%{_mandir}/man1/ktutil.1* + +# Doesn't really fit anywhere else. +%attr(4755,root,root) %{_bindir}/ksu +%{_mandir}/man1/ksu.1* +%config(noreplace) /etc/pam.d/ksu + +%files server +%docdir %{_mandir} +%doc src/config-files/kdc.conf +%{_unitdir}/krb5kdc.service +%{_unitdir}/kadmin.service +%{_unitdir}/kprop.service +%{_tmpfilesdir}/krb5-krb5kdc.conf +%dir %{_localstatedir}/run/krb5kdc +%config(noreplace) /etc/sysconfig/krb5kdc +%config(noreplace) /etc/sysconfig/kadmin +%config(noreplace) /etc/sysconfig/kprop +%config(noreplace) /etc/logrotate.d/krb5kdc +%config(noreplace) /etc/logrotate.d/kadmind + +%dir %{_var}/kerberos +%dir %{_var}/kerberos/krb5kdc +%config(noreplace) %{_var}/kerberos/krb5kdc/kdc.conf +%config(noreplace) %{_var}/kerberos/krb5kdc/kadm5.acl + +%dir %{_libdir}/krb5 +%dir %{_libdir}/krb5/plugins +%dir %{_libdir}/krb5/plugins/kdb +%dir %{_libdir}/krb5/plugins/preauth +%dir %{_libdir}/krb5/plugins/authdata +%{_libdir}/krb5/plugins/preauth/otp.so +%{_libdir}/krb5/plugins/kdb/db2.so +%{_libdir}/krb5/plugins/kdb/klmdb.so + +# KDC binaries and configuration. +%{_mandir}/man5/kadm5.acl.5* +%{_mandir}/man5/kdc.conf.5* +%{_sbindir}/kadmin.local +%{_mandir}/man8/kadmin.local.8* +%{_sbindir}/kadmind +%{_mandir}/man8/kadmind.8* +%{_sbindir}/kdb5_util +%{_mandir}/man8/kdb5_util.8* +%{_sbindir}/kprop +%{_mandir}/man8/kprop.8* +%{_sbindir}/kpropd +%{_mandir}/man8/kpropd.8* +%{_sbindir}/kproplog +%{_mandir}/man8/kproplog.8* +%{_sbindir}/krb5kdc +%{_mandir}/man8/krb5kdc.8* + +# This is here for people who want to test their server. It was formerly also +# included in -devel. +%{_bindir}/sclient +%{_mandir}/man1/sclient.1* +%{_sbindir}/sserver +%{_mandir}/man8/sserver.8* + +%files server-ldap +%docdir %{_mandir} +%doc src/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif +%doc src/plugins/kdb/ldap/libkdb_ldap/kerberos.schema +%doc 60kerberos.ldif +%dir %{_libdir}/krb5 +%dir %{_libdir}/krb5/plugins +%dir %{_libdir}/krb5/plugins/kdb +%{_libdir}/krb5/plugins/kdb/kldap.so +%{_libdir}/libkdb_ldap.so +%{_libdir}/libkdb_ldap.so.* +%{_mandir}/man8/kdb5_ldap_util.8.gz +%{_sbindir}/kdb5_ldap_util + +%files libs -f %{gettext_domain}.lang +%doc README NOTICE +%{!?_licensedir:%global license %%doc} +%license LICENSE +%docdir %{_mandir} +# These are hard-coded, not-dependent-on-the-configure-script paths. +%dir /etc/gss +%dir /etc/gss/mech.d +%dir /etc/krb5.conf.d +%config(noreplace) /etc/krb5.conf +%config(noreplace,missingok) /etc/krb5.conf.d/crypto-policies +/%{_mandir}/man5/.k5identity.5* +/%{_mandir}/man5/.k5login.5* +/%{_mandir}/man5/k5identity.5* +/%{_mandir}/man5/k5login.5* +/%{_mandir}/man5/krb5.conf.5* +/%{_mandir}/man7/kerberos.7* +%{_libdir}/libgssapi_krb5.so.* +%{_libdir}/libgssrpc.so.* +%{_libdir}/libk5crypto.so.* +%{_libdir}/libkdb5.so.* +%{_libdir}/libkrad.so.* +%{_libdir}/libkrb5.so.* +%{_libdir}/libkrb5support.so.* +%dir %{_libdir}/krb5 +%dir %{_libdir}/krb5/plugins +%dir %{_libdir}/krb5/plugins/* +%{_libdir}/krb5/plugins/tls/k5tls.so +%{_libdir}/krb5/plugins/preauth/spake.so +%dir %{_var}/kerberos +%dir %{_var}/kerberos/krb5 +%dir %{_var}/kerberos/krb5/user + +%files pkinit +%dir %{_libdir}/krb5 +%dir %{_libdir}/krb5/plugins +%dir %{_libdir}/krb5/plugins/preauth +%{_libdir}/krb5/plugins/preauth/pkinit.so + +%files devel +%docdir %{_mandir} + +%{_includedir}/* +%{_libdir}/libgssapi_krb5.so +%{_libdir}/libgssrpc.so +%{_libdir}/libk5crypto.so +%{_libdir}/libkdb5.so +%{_libdir}/libkrad.so +%{_libdir}/libkrb5.so +%{_libdir}/libkrb5support.so +%{_libdir}/pkgconfig/* + +%{_bindir}/krb5-config +%{_mandir}/man1/krb5-config.1* + +%files -n libkadm5 +%{_libdir}/libkadm5clnt.so +%{_libdir}/libkadm5clnt_mit.so +%{_libdir}/libkadm5srv.so +%{_libdir}/libkadm5srv_mit.so +%{_libdir}/libkadm5clnt_mit.so.* +%{_libdir}/libkadm5srv_mit.so.* + +%changelog +* Mon Aug 09 2021 Mohan Boddu - 1.19.1-11.1 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Tue Jul 20 2021 Robbie Harwood - 1.19.1-11 +- Fix KDC null deref on bad encrypted challenge (CVE-2021-36222) +- Resolves: #1983733 + +* Wed Jul 14 2021 Robbie Harwood - 1.19.1-10 +- Update OpenSSL 3 provider handling to clean up properly +- Resolves: #1955873 + +* Mon Jun 21 2021 Robbie Harwood - 1.19.1-9 +- Sync openssl3 patches with upstream +- Resolves: #1955873 + +* Thu Jun 17 2021 Robbie Harwood - 1.19.1-8 +- Rebuild for rpminspect and mass rebuild cleanup; no code changes +- Resolves: #1967505 + +* Thu Jun 17 2021 Robbie Harwood - 1.19.1-7 +- Fix several fallback canonicalization problems +- Resolves: #1967505 + +* Tue Jun 15 2021 Mohan Boddu - 1.19.1-6.1 +- Rebuilt for RHEL 9 BETA for openssl 3.0 +- Resolves: rhbz#1971065 + +* Thu Jun 10 2021 Robbie Harwood - 1.19.1-6 +- Backport KCM retrieval fixes +- Resolves: #1956403 + +* Thu May 20 2021 Robbie Harwood - 1.19.1-5 +- Fix DES3 mention in KDFs +- Resolves: #1955873 + +* Wed May 19 2021 Robbie Harwood - 1.19.1-4 +- Port to OpenSSL 3 (alpha 15) +- Resolves: #1955873 + +* Fri Apr 16 2021 Mohan Boddu - 1.19.1-3.1 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Mon Mar 01 2021 Robbie Harwood - 1.19.1-3 +- Further test dependency fixes; no code changes + +* Mon Mar 01 2021 Robbie Harwood - 1.19.1-2 +- Make test dependencies contingent on skipcheck; no code changes + +* Thu Feb 18 2021 Robbie Harwood - 1.19.1-1 +- New upstream version (1.19.1) + +* Wed Feb 17 2021 Robbie Harwood - 1.19-3 +- Restore krb5_set_default_tgs_ktypes() + +* Fri Feb 05 2021 Robbie Harwood - 1.19-2 +- No code change; just coping with reverted autoconf + +* Tue Feb 02 2021 Robbie Harwood - 1.19-1 +- New upstream version (1.19) + +* Thu Jan 28 2021 Robbie Harwood - 1.19-0.beta2.5 +- Support host-based GSS initiator names + +* Thu Jan 28 2021 Robbie Harwood - 1.19-0.beta2.4 +- Require krb5-pkinit from krb5-{server,workstation} + +* Thu Jan 28 2021 Robbie Harwood - 1.19-0.beta2.3 +- Fix up weird mass rebuild versioning + +* Thu Jan 28 2021 Robbie Harwood - 1.19-0.beta2.2.2 +- Add APIs for marshalling credentials + +* Wed Jan 27 2021 Robbie Harwood - 1.19-0.beta2.1.2 +- Cope with new autotools behavior wrt runstatedir + +* Tue Jan 26 2021 Fedora Release Engineering - 1.19-0.beta2.1.1 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Tue Jan 12 2021 Robbie Harwood - 1.19-1 +- New upstream version (1.19-beta2) + +* Wed Dec 16 2020 Robbie Harwood - 1.19-0.beta1.2 +- New upstream version (1.19-beta1) + +* Wed Dec 16 2020 Robbie Harwood - 1.18.3-5 +- Fix runstatedir configuration +- Why couldn't systemd just leave it alone? + +* Tue Nov 24 2020 Robbie Harwood - 1.18.3-4 +- Document -k option in kvno(1) synopsis + +* Fri Nov 20 2020 Robbie Harwood - 1.18.3-3 +- Upstream executable shared libraries patch + +* Wed Nov 18 2020 Robbie Harwood - 1.18.3-2 +- Fix build failure in -1 + +* Wed Nov 18 2020 Robbie Harwood - 1.18.3-1 +- New upstream version (1.18.3) + +* Tue Nov 17 2020 Robbie Harwood - 1.18.2-30 +- Migrate /var/run to /run, an exercise in pointlessness +- Resolves: #1898410 + +* Thu Nov 05 2020 Robbie Harwood - 1.18.2-29 +- Add recursion limit for ASN.1 indefinite lengths (CVE-2020-28196) + +* Fri Oct 23 2020 Robbie Harwood - 1.18.2-28 +- Fix minor static analysis defects + +* Wed Oct 21 2020 Robbie Harwood - 1.18.2-27 +- Fix build of previous + +* Wed Oct 21 2020 Robbie Harwood - 1.18.2-26 +- Cross-realm s4u fixes for samba (#1836630) + +* Thu Oct 15 2020 Robbie Harwood - 1.18.2-25 +- Unify kvno option documentation + +* Fri Oct 02 2020 Robbie Harwood - 1.18.2-24 +- Add md5 override to krad + +* Thu Sep 10 2020 Robbie Harwood - 1.18.2-23 +- Use `systemctl reload` to HUP the KDC during logrotate +- Resolves: #1877692 + +* Wed Sep 09 2020 Robbie Harwood - 1.18.2-22 +- Fix input length checking in SPNEGO DER decoding + +* Fri Aug 28 2020 Robbie Harwood - 1.18.2-21 +- Mark crypto-polices snippet as missingok +- Resolves: #1868379 + +* Thu Aug 13 2020 Robbie Harwood - 1.18.2-20 +- Temporarily dns_canonicalize_hostname=fallback changes +- Hopefully unbreak IPA while we debug further + +* Fri Aug 07 2020 Robbie Harwood - 1.18.2-19 +- Expand dns_canonicalize_hostname=fallback support + +* Tue Aug 04 2020 Robbie Harwood - 1.18.2-18 +- Fix leak in KERB_AP_OPTIONS_CBT server support + +* Mon Aug 03 2020 Robbie Harwood - 1.18.2-17 +- Revert qualify_shortname removal + +* Mon Aug 03 2020 Robbie Harwood - 1.18.2-16 +- Disable tests on s390x +- Resolves: #1863952 + +* Sat Aug 01 2020 Fedora Release Engineering - 1.18.2-15 +- Second attempt - Rebuilt for + https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Jul 31 2020 Robbie Harwood - 1.18.2-14 +- Revert qualify_shortname changes + +* Tue Jul 28 2020 Fedora Release Engineering - 1.18.2-13 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 22 2020 Robbie Harwood - 1.18.2-12 +- Ignore bad enctypes in krb5_string_to_keysalts() +- Allow gss_unwrap_iov() of unpadded RC4 tokens + +* Wed Jul 15 2020 Robbie Harwood - 1.18.2-11 +- Ignore bad enctypes in krb5_string_to_keysalts() + +* Wed Jul 08 2020 Robbie Harwood - 1.18.2-10 +- Set qualify_shortname empty in default configuration +- Resolves: #1852041 + +* Mon Jun 15 2020 Robbie Harwood - 1.18.2-9 +- Use two queues for concurrent t_otp.py daemons + +* Mon Jun 15 2020 Robbie Harwood - 1.18.2-8 +- Match Heimdal behavior for channel bindings + +* Mon Jun 08 2020 Robbie Harwood - 1.18.2-7 +- Fix test suite by removing wrapper workarounds + +* Mon Jun 08 2020 Robbie Harwood - 1.18.2-6 +- Omit PA_FOR_USER if we can't compute its checksum + +* Sat May 30 2020 Robbie Harwood - 1.18.2-5 +- Replace gssrpc tests with a Python script + +* Sat May 30 2020 Robbie Harwood - 1.18.2-4 +- Default dns_canonicalize_hostname to "fallback" + +* Tue May 26 2020 Robbie Harwood - 1.18.2-3 +- dns_canonicalize_hostname = fallback + +* Tue May 26 2020 Robbie Harwood - 1.18.2-2 +- Pass channel bindings through SPNEGO + +* Fri May 22 2020 Robbie Harwood - 1.18.2-1 +- New upstream release (1.18.2) + +* Fri May 22 2020 Robbie Harwood - 1.18.1-6 +- Fix SPNEGO acceptor mech filtering + +* Mon May 18 2020 Robbie Harwood - 1.18.1-5 +- Fix typo ("in in") in the ksu man page + +* Fri May 08 2020 Robbie Harwood - 1.18.1-4 +- Omit KDC indicator check for S4U2Self requests + +* Tue Apr 28 2020 Robbie Harwood - 1.18.1-3 +- Pass gss_localname() through SPNEGO + +* Tue Apr 14 2020 Robbie Harwood - 1.18-1.1 +- Drop yasm requirement since we don't use builtin crypto + +* Tue Apr 14 2020 Robbie Harwood - 1.18.1-1 +- New upstream version (1.18.1) + +* Tue Apr 07 2020 Robbie Harwood - 1.18-12 +- Make ksu honor KRB5CCNAME again + +* Thu Apr 02 2020 Robbie Harwood - 1.18-11 +- Do expiration warnings for all init_creds APIs + +* Wed Apr 01 2020 Robbie Harwood - 1.18-10 +- Correctly import "service@" GSS host-based name + +* Thu Mar 26 2020 Robbie Harwood - 1.18-9 +- Eliminate redundant PKINIT responder invocation + +* Thu Mar 26 2020 Robbie Harwood - 1.18-8 +- Add finalization safety check to com_err + +* Fri Mar 20 2020 Robbie Harwood - 1.18-7 +- Add maximum openssl version in preparation for openssl 3 + +* Tue Mar 17 2020 Robbie Harwood - 1.18-6 +- Document client keytab usage + +* Tue Mar 03 2020 Robbie Harwood - 1.18-5 +- Refresh manually acquired creds from client keytab + +* Fri Feb 28 2020 Robbie Harwood - 1.18-4 +- Allow deletion of require_auth with LDAP KDB + +* Thu Feb 27 2020 Robbie Harwood - 1.18-3 +- Allow certauth modules to set hw-authent flag + +* Fri Feb 21 2020 Robbie Harwood - 1.18-2 +- Fix AS-REQ checking of KDB-modified indicators + +* Wed Feb 12 2020 Robbie Harwood - 1.18-1 +- New upstream version (1.18) + +* Fri Feb 07 2020 Robbie Harwood - 1.18-0.beta2.3 +- Don't assume OpenSSL failures are memory errors + +* Thu Feb 06 2020 Robbie Harwood - 1.18-0.beta2.2 +- Put KDB authdata first + +* Fri Jan 31 2020 Robbie Harwood - 1.18-0.beta2.1 +- New upstream beta release - 1.18-beta2 +- Adjust naming convention for downstream patches + +* Fri Jan 10 2020 Robbie Harwood - 1.18-0.beta1.1 +- New upstream beta release - 1.18-beta1 + +* Wed Jan 08 2020 Robbie Harwood - 1.17.1-5 +- Fix LDAP policy enforcement of pw_expiration +- Fix handling of invalid CAMMAC service verifier + +* Mon Jan 06 2020 Robbie Harwood - 1.17.1-4 +- Fix xdr_bytes() strict-aliasing violations + +* Fri Jan 03 2020 Robbie Harwood - 1.17.1-3 +- Don't warn in kadmin when no policy is specified +- Do not always canonicalize enterprise principals + +* Fri Dec 13 2019 Robbie Harwood - 1.17.1-2 +- Enable the LMDB backend for the KDB + +* Thu Dec 12 2019 Robbie Harwood - 1.17.1-1 +- New upstream version - 1.17.1 +- Stop building and packaging PDFs + +* Fri Dec 06 2019 Robbie Harwood - 1.17-54 +- Qualify short hostnames when not using DNS + +* Wed Nov 27 2019 Robbie Harwood - 1.17-53 +- Various gssalloc fixes + +* Thu Nov 21 2019 Robbie Harwood - 1.17-52 +- Turns out openssl has an epoch + +* Wed Nov 20 2019 Robbie Harwood - 1.17-51 +- Fix runtime openssl version to actually propogate + +* Wed Nov 20 2019 Robbie Harwood - 1.17-50 +- Add runtime openssl version requirement too + +* Wed Nov 20 2019 Robbie Harwood - 1.17-49 +- Fix kadmin addprinc -randkey -kvno + +* Tue Nov 19 2019 Robbie Harwood - 1.17-48 +- Use OpenSSL's backported KDFs +- Restore MD4 in FIPS mode (for samba) + +* Fri Nov 08 2019 Robbie Harwood - 1.17-47 +- Add default_principal_flags to example kdc.conf + +* Wed Oct 02 2019 Robbie Harwood - 1.17-46 +- Log unknown enctypes as unsupported in KDC + +* Wed Sep 25 2019 Robbie Harwood - 1.17-45 +- Fix KDC crash when logging PKINIT enctypes (CVE-2019-14844) + +* Thu Sep 12 2019 Robbie Harwood - 1.17-44 +- Static analyzer appeasement + +* Tue Aug 27 2019 Robbie Harwood - 1.17-43 +- Simplify krb5_dbe_def_search_enctype() + +* Thu Aug 22 2019 Robbie Harwood - 1.17-42 +- Update FIPS patches to remove SPAKE + +* Thu Aug 15 2019 Robbie Harwood - 1.17-41 +- Fix KCM client time offset propagation + +* Fri Aug 09 2019 Robbie Harwood - 1.17-40 +- Initialize life/rlife in kdcpolicy interface + +* Tue Aug 06 2019 Robbie Harwood - 1.17-39 +- Fix memory leaks in soft-pkcs11 code + +* Tue Jul 30 2019 Robbie Harwood - 1.17-38 +- Add soft-pkcs11 and use it for testing + +* Thu Jul 25 2019 Fedora Release Engineering - 1.17-37 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jul 18 2019 Robbie Harwood - 1.17-36 +- Filter enctypes in gss_set_allowable_enctypes() + +* Mon Jul 15 2019 Robbie Harwood - 1.17-35 +- Don't error on invalid enctypes in keytab +- Resolves: #1724380 + +* Tue Jul 02 2019 Robbie Harwood - 1.17-34 +- Remove now-unused checksum functions + +* Wed Jun 26 2019 Robbie Harwood - 1.17-33 +- Fix typo in 3des commit + +* Wed Jun 26 2019 Robbie Harwood - 1.17-32 +- Remove PKINIT draft9 support (compat with EOL, pre-2008 Windows) + +* Mon Jun 10 2019 Robbie Harwood - 1.17-31 +- Remove strerror() calls from k5_get_error() + +* Fri Jun 07 2019 Robbie Harwood - 1.17-30 +- Remove 3des from kdc.conf example + +* Mon Jun 03 2019 Robbie Harwood - 1.17-29 +- Remove 3DES support + +* Mon Jun 03 2019 Robbie Harwood - 1.17-28 +- Remove 3des support + +* Thu May 30 2019 Robbie Harwood - 1.17-27 +- Remove krb5int_c_combine_keys() and no-flags SAM-2 preauth + +* Tue May 28 2019 Robbie Harwood - 1.17-26 +- Remove support for single-DES and CRC + +* Wed May 22 2019 Robbie Harwood - 1.17-25 +- Add missing newlines to deprecation warnings +- Switch to upstream's ksu path patch + +* Tue May 21 2019 Robbie Harwood - 1.17-24 +- Update default krb5kdc mkey manual-entry enctype +- Also update account lockout patch to upstream version + +* Mon May 20 2019 Robbie Harwood - 1.17-23 +- Test & docs fixes in preparation for DES removal + +* Wed May 15 2019 Robbie Harwood - 1.17-22 +- Drop krb5_realm_compare() etc. NULL check patches + + +* Wed May 15 2019 Robbie Harwood - 1.17-21 +- Re-provide krb5-kdb-version in -devel as well (IPA wants it) + +* Tue May 14 2019 Robbie Harwood - 1.17-20 +- (Patch consolidation; hopefully no changes) + +* Tue May 14 2019 Robbie Harwood - 1.17-19 +- Remove checksum type profile variables + +* Fri May 10 2019 Robbie Harwood - 1.17-18 +- Pull in 2019-05-02 static analysis updates + +* Fri May 03 2019 Robbie Harwood - 1.17-17 +- Move krb5-kdb-version provide into krb5-server for freeipa + +* Wed May 01 2019 Robbie Harwood - 1.17-16 +- Use secure_getenv() where appropriate + +* Wed Apr 24 2019 Robbie Harwood - 1.17-15 +- Fix us up real nice with rpmlint + +* Wed Apr 24 2019 Robbie Harwood - 1.17-14 +- Add dns_canonicalize_hostname=fallback support + +* Wed Apr 24 2019 Robbie Harwood - 1.17-13 +- Check more errors in OpenSSL crypto backend + +* Mon Apr 22 2019 Robbie Harwood - 1.17-12 +- Fix potential close(-1) in cc_file.c + +* Wed Apr 17 2019 Robbie Harwood - 1.17-11 +- Remove ovsec_adm_export and confvalidator + +* Wed Apr 17 2019 Robbie Harwood - 1.17-10 +- Fix config realm change logic in FILE remove_cred + +* Thu Apr 11 2019 Robbie Harwood - 1.17-9 +- Remove Kerberos v4 support vestiges (including ktany support) + +* Thu Apr 11 2019 Robbie Harwood - 1.17-8 +- Implement krb5_cc_remove_cred for remaining types +- Resolves: #1693836 + +* Mon Apr 01 2019 Robbie Harwood - 1.17-7 +- FIPS-aware SPAKE group negotiation + +* Mon Feb 25 2019 Robbie Harwood - 1.17-6 +- Fix memory leak in 'none' replay cache type +- Silence a coverity warning while we're here. + +* Fri Feb 01 2019 Robbie Harwood - 1.17-5 +- Update FIPS blocking for RC4 + +* Fri Feb 01 2019 Fedora Release Engineering - 1.17-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Thu Jan 17 2019 Robbie Harwood - 1.17-3 +- enctype logging and explicit_bzero() + +* Tue Jan 08 2019 Robbie Harwood - 1.17-2 +- New upstream version (1.17) + +* Fri Jan 04 2019 Robbie Harwood - 1.17-1.beta2.6 +- Use openssl's PRNG in FIPS mode + +* Fri Jan 04 2019 Robbie Harwood - 1.17-1.beta2.5 +- Address some optimized-out memset() calls + +* Thu Dec 20 2018 Robbie Harwood - 1.17-1.beta2.4 +- Remove incorrect KDC assertion + +* Thu Dec 20 2018 Robbie Harwood - 1.17-1.beta2.3 +- Fix syntax on pkinit_anchors field in default krb5.conf + +* Mon Dec 17 2018 Robbie Harwood - 1.17-1.beta2.2 +- Restore pdfs source file +- Resolves: #1659716 + +* Thu Dec 06 2018 Robbie Harwood - 1.17-1.beta2.1 +- New upstream release (1.17-beta2) +- Drop pdfs source file + +* Thu Nov 29 2018 Robbie Harwood - 1.17-1.beta1.3 +- Add tests for KCM ccache type + +* Mon Nov 12 2018 Robbie Harwood - 1.17-1.beta1.2 +- Gain FIPS awareness + +* Thu Nov 08 2018 Robbie Harwood - 1.17-1.beta1.1 +- Fix spurious errors from kcmio_unix_socket_write +- Resolves: #1645912 + +* Thu Nov 01 2018 Robbie Harwood - 1.17-0.beta1.1 +- New upstream beta release + +* Wed Oct 24 2018 Robbie Harwood - 1.16.1-25 +- Update man pages to reference kerberos(7) +- Resolves: #1143767 + +* Wed Oct 17 2018 Robbie Harwood - 1.16.1-24 +- Use port-sockets.h macros in cc_kcm, sendto_kdc +- Resolves: #1631998 + +* Wed Oct 17 2018 Robbie Harwood - 1.16.1-23 +- Correct kpasswd_server description in krb5.conf(5) +- Resolves: #1640272 + +* Mon Oct 15 2018 Robbie Harwood - 1.16.1-22 +- Prefer TCP to UDP for password changes +- Resolves: #1637611 + +* Tue Oct 09 2018 Adam Williamson - 1.16.1-21 +- Revert the patch from -20 for now as it seems to make FreeIPA worse + +* Tue Oct 02 2018 Robbie Harwood - 1.16.1-20 +- Fix bugs with concurrent use of MEMORY ccaches + +* Wed Aug 01 2018 Robbie Harwood - 1.16.1-19 +- In FIPS mode, add plaintext fallback for RC4 usages and taint + +* Thu Jul 26 2018 Robbie Harwood - 1.16.1-18 +- Fix k5test prompts for Python 3 + +* Thu Jul 19 2018 Robbie Harwood - 1.16.1-17 +- Remove outdated note in krb5kdc man page + +* Thu Jul 19 2018 Robbie Harwood - 1.16.1-16 +- Make krb5kdc -p affect TCP ports + +* Thu Jul 19 2018 Robbie Harwood - 1.16.1-15 +- Eliminate preprocessor-disabled dead code + +* Wed Jul 18 2018 Robbie Harwood - 1.16.1-14 +- Fix some broken tests for Python 3 + +* Mon Jul 16 2018 Robbie Harwood - 1.16.1-13 +- Zap copy of secret in RC4 string-to-key + +* Thu Jul 12 2018 Robbie Harwood - 1.16.1-12 +- Convert Python tests to Python 3 + +* Wed Jul 11 2018 Robbie Harwood - 1.16.1-11 +- Add build dependency on gcc + +* Tue Jul 10 2018 Robbie Harwood - 1.16.1-10 +- Use SHA-256 instead of MD5 for audit ticket IDs + +* Fri Jul 06 2018 Robbie Harwood - 1.16.1-9 +- Add BuildRequires on python2 so we can run tests at build-time + +* Fri Jul 06 2018 Robbie Harwood - 1.16.1-8 +- Explicitly look for python2 in configure.in + +* Thu Jun 14 2018 Robbie Harwood - 1.16.1-7 +- Add flag to disable encrypted timestamp on client + +* Thu Jun 14 2018 Robbie Harwood - 1.16.1-6 +- Switch to python3-sphinx for docs +- Resolves: #1590928 + +* Thu Jun 14 2018 Robbie Harwood - 1.16.1-5 +- Make docs build python3-compatible +- Resolves: #1590928 + +* Thu Jun 07 2018 Robbie Harwood - 1.16.1-4 +- Update includedir processing to match upstream + +* Fri Jun 01 2018 Robbie Harwood - 1.16.1-3 +- Log when non-root ksu authorization fails +- Resolves: #1575771 + +* Fri May 04 2018 Robbie Harwood - 1.16.1-2 +- Remove "-nodes" option from make-certs scripts + +* Fri May 04 2018 Robbie Harwood - 1.16.1-1 +- New upstream release - 1.16.1 + +* Thu May 03 2018 Robbie Harwood - 1.16-27 +- Fix configuration of default ccache name to match file indentation + +* Mon Apr 30 2018 Robbie Harwood - 1.16-26 +- Set error message on KCM get_princ failure + +* Mon Apr 30 2018 Robbie Harwood - 1.16-25 +- Set error message on KCM get_princ failure + +* Tue Apr 24 2018 Robbie Harwood - 1.16-24 +- Fix KDC null dereference on large TGS replies + +* Mon Apr 23 2018 Robbie Harwood - 1.16-23 +- Explicitly use openssl rather than builtin crypto +- Resolves: #1570910 + +* Tue Apr 17 2018 Robbie Harwood - 1.16-22 +- Merge duplicate subsections in profile library + +* Mon Apr 09 2018 Robbie Harwood - 1.16-21 +- Restrict pre-authentication fallback cases + +* Tue Apr 03 2018 Robbie Harwood - 1.16-20 +- Be more careful asking for AS key in SPAKE client + +* Mon Apr 02 2018 Robbie Harwood - 1.16-19 +- Zap data when freeing krb5_spake_factor + +* Thu Mar 29 2018 Robbie Harwood - 1.16-18 +- Continue after KRB5_CC_END in KCM cache iteration + +* Tue Mar 27 2018 Robbie Harwood - 1.16-17 +- Fix SPAKE memory leak + +* Tue Mar 27 2018 Robbie Harwood - 1.16-16 +- Fix gitignore problem with previous patchset + +* Tue Mar 27 2018 Robbie Harwood - 1.16-15 +- Add SPAKE support +- Improve protections on internal sensitive buffers +- Improve internal hex encoding/decoding + +* Tue Mar 20 2018 Robbie Harwood - 1.16-14 +- Fix problem with ccache_name logic in previous build + +* Tue Mar 20 2018 Robbie Harwood - 1.16-13 +- Add pkinit_anchors default value to krb5.conf +- Reindent krb5.conf to not be terrible + +* Tue Mar 20 2018 Robbie Harwood - 1.16-12 +- Log preauth names in trace output +- Misc bugfixes from upstream + +* Mon Mar 19 2018 Robbie Harwood - 1.16-11 +- Add PKINIT KDC support for freshness token + +* Wed Mar 14 2018 Robbie Harwood - 1.16-10 +- Exit with status 0 from kadmind + +* Tue Mar 13 2018 Robbie Harwood - 1.16-9 +- Fix hex conversion of PKINIT certid strings + +* Wed Mar 07 2018 Robbie Harwood - 1.16-8 +- Fix capaths "." values on client +- Resolves: 1551099 + +* Tue Feb 13 2018 Robbie Harwood - 1.16-7 +- Fix flaws in LDAP DN checking +- CVE-2018-5729, CVE-2018-5730 + +* Mon Feb 12 2018 Robbie Harwood - 1.16-6 +- Fix a leak in the previous commit +- Restore dist macro that was accidentally removed +- Resolves: #1540939 + +* Wed Feb 07 2018 Fedora Release Engineering - 1.16-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Sat Feb 03 2018 Igor Gnatenko - 1.16-4 +- Switch to %%ldconfig_scriptlets + +* Mon Jan 29 2018 Robbie Harwood - 1.16-3 +- Process included directories in alphabetical order + +* Tue Dec 12 2017 Robbie Harwood - 1.16-2 +- Fix network service dependencies +- Resolves: #1525230 + +* Wed Dec 06 2017 Robbie Harwood - 1.16-1 +- New upstream release (1.16) +- No changes from beta2 + +* Mon Nov 27 2017 Robbie Harwood - 1.16-0.beta2.1 +- New upstream prerelease (1.16-beta2) + +* Tue Oct 24 2017 Robbie Harwood - 1.16-0.beta1.4 +- Fix CVE-2017-15088 (Buffer overflow in get_matching_data()) + +* Mon Oct 23 2017 Robbie Harwood - 1.16-0.beta1.3 +- Drop dependency on python2-pyrad (dead upstream, broken with new python) + +* Mon Oct 09 2017 Robbie Harwood - 1.16-0.beta1.2 +- Actually bump kdbversion like I was supposed to + +* Thu Oct 05 2017 Robbie Harwood - 1.16-0.beta1.1 +- New upstream prerelease (1.16-beta1) + +* Thu Sep 28 2017 Robbie Harwood - 1.15.2-2 +- Add German translation + +* Mon Sep 25 2017 Robbie Harwood - 1.15.2-1 +- New upstream release - krb5-1.15.2 +- Adjust patches as appropriate + +* Wed Sep 06 2017 Robbie Harwood - 1.15.1-28 +- Save other programs from worrying about CVE-2017-11462 +- Resolves: #1488873 +- Resolves: #1488874 + +* Tue Sep 05 2017 Robbie Harwood - 1.15.1-27 +- Add hostname-based ccselect module +- Resolves: #1463665 + +* Tue Sep 05 2017 Robbie Harwood - 1.15.1-26 +- Backport upstream certauth EKU fixes + +* Fri Aug 25 2017 Robbie Harwood - 1.15.1-25 +- Backport certauth eku security fix + +* Mon Aug 21 2017 Robbie Harwood - 1.15.1-24 +- Backport kdc policy plugin, but this time with dependencies + +* Mon Aug 21 2017 Robbie Harwood - 1.15.1-23 +- Backport kdcpolicy interface + +* Wed Aug 16 2017 Robbie Harwood - 1.15.1-22 + +* Mon Aug 07 2017 Robbie Harwood - 1.15.1-21 +- Display an error message if ocsp pkinit is requested + +* Wed Aug 02 2017 Robbie Harwood - 1.15.1-20 +- Disable dns_canonicalize_hostname. This may break some setups. + +* Wed Aug 02 2017 Robbie Harwood - 1.15.1-19 +- Re-enable test suite on ppc64le (no other changes) + +* Wed Jul 26 2017 Fedora Release Engineering - 1.15.1-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Thu Jul 20 2017 Robbie Harwood - 1.15.1-17 +- Fix CVE-2017-11368 (remote triggerable assertion failure) + +* Wed Jul 19 2017 Robbie Harwood - 1.15.1-16 +- Explicitly require python2 packages + +* Wed Jul 19 2017 Robbie Harwood - 1.15.1-15 +- Add support to query the SSF of a context +- Pick up rename of perl dependency + +* Thu Jul 06 2017 Robbie Harwood - 1.15.1-14 +- Fix leaks in gss_inquire_cred_by_oid() + +* Mon Jun 26 2017 Robbie Harwood - 1.15.1-13 +- Fix arch name (ppc64le, not ppc64el) +- Related-to: #1464381 + +* Mon Jun 26 2017 Robbie Harwood - 1.15.1-12 +- Skip test suite on ppc64el +- Related-to: #1464381 + +* Fri Jun 23 2017 Robbie Harwood - 1.15.1-11 +- Include more test suite changes from upstream +- Resolves: #1464381 + +* Wed Jun 07 2017 Robbie Harwood - 1.15.1-10 +- Fix custom build with -DDEBUG + +* Wed May 24 2017 Robbie Harwood - 1.15.1-9 +- Use standard trigger logic for krb5 snippet + +* Fri Apr 28 2017 Robbie Harwood - 1.15.1-8 +- Add kprop service env config file + +* Wed Apr 19 2017 Robbie Harwood - 1.15.1-7 +- Update backports of certauth and corresponding test + +* Thu Apr 13 2017 Robbie Harwood - 1.15.1-6 +- Include fixes for previous commit +- Resolves: #1433083 + +* Thu Apr 13 2017 Robbie Harwood - 1.15.1-5 +- Automatically add includedir where not present +- Try removing sleep statement to see if it is still needed +- Resolves: #1433083 + +* Fri Apr 07 2017 Robbie Harwood - 1.15.1-4 +- Fix use of enterprise principals with forwarding + +* Wed Mar 22 2017 Robbie Harwood - 1.15.1-3 +- Backport certauth plugin and related pkinit changes + +* Tue Mar 07 2017 Robbie Harwood - 1.15.1-2 +- Remove duplication between subpackages +- Resolves: #1250228 + +* Fri Mar 03 2017 Robbie Harwood - 1.15.1-1 +- New upstream release - 1.15.1 + +* Wed Mar 01 2017 Robbie Harwood - 1.15-9 +- Patch build by disabling failing test; will fix properly soon + +* Fri Feb 17 2017 Robbie Harwood - 1.15-8 +- Hammer refresh around transient rawhide issue + +* Fri Feb 17 2017 Robbie Harwood - 1.15-7 +- Backport fix for GSSAPI fallback realm + +* Tue Feb 07 2017 Robbie Harwood - 1.15-6 +- Move krb5-kdb-version provides from -libs to -devel + +* Fri Jan 20 2017 Robbie Harwood - 1.15-5 +- Add free hook to KDB; increments KDB version +- Add KDB version flag + +* Mon Dec 05 2016 Robbie Harwood - 1.15-4 +- New upstream release + +* Wed Nov 16 2016 Robbie Harwood - 1.15-beta2-3 +- New upstream release + +* Thu Nov 10 2016 Robbie Harwood - 1.15-beta1-2 +- Ensure we can build with the new CFLAGS +- Remove the git versioning in patches + +* Thu Oct 20 2016 Robbie Harwood - 1.15-beta1-1 +- New upstream release +- Update selinux with RHEL hygene +- Resolves: #1314096 + +* Tue Oct 11 2016 Tomáš Mráz - 1.14.4-6 +- rebuild with OpenSSL 1.1.0, added backported upstream patch + +* Fri Sep 30 2016 Robbie Harwood - 1.14.4-5 +- Properly close krad sockets +- Resolves: #1380836 + +* Fri Sep 30 2016 Robbie Harwood - 1.14.4-4 +- Fix backward check in kprop.service + +* Fri Sep 30 2016 Robbie Harwood - 1.14.4-3 +- Switch to using autosetup macro. + - Patches come from git, so it is easiest to just make a git repo + +* Thu Sep 22 2016 Robbie Harwood - 1.14.4-2 +- Backport getrandom() support +- Remove patch numbering + +* Mon Sep 19 2016 Robbie Harwood - 1.14.4-1 +- New upstream release +- Update names and numbers to match external git + +* Mon Sep 19 2016 Robbie Harwood - 1.14.3-9 +- Add krb5_db_register_keytab +- Resolves: #1376812 + +* Mon Aug 29 2016 Robbie Harwood - 1.14.3-8 +- Use responder for non-preauth AS requests +- Resolves: #1370622 + +* Mon Aug 29 2016 Robbie Harwood - 1.14.3-7 +- Guess Samba client mutual flag using ap_option +- Resolves: #1370980 + +* Thu Aug 25 2016 Robbie Harwood - 1.14.3-6 +- Fix KDC return code and set prompt types for OTP client preauth +- Resolves: #1370072 + +* Mon Aug 15 2016 Robbie Harwood - 1.14.3-5 +- Turn OFD locks back on with glibc workaround +- Resolves: #1274922 + +* Wed Aug 10 2016 Robbie Harwood - 1.14.3-4 +- Fix use of KKDCPP with SNI +- Resolves: #1365027 + +* Fri Aug 05 2016 Robbie Harwood - 1.14.3-3 +- Make krb5-devel depend on libkadm5 +- Resolves: #1364487 + +* Wed Aug 03 2016 Robbie Harwood - 1.14.3-2 +- Up-port a bunch of stuff from the el-7.3 cycle +- Resolves: #1255450, #1314989 + +* Mon Aug 01 2016 Robbie Harwood - 1.14.3-1 +- New upstream version 1.14.3 + +* Thu Jul 28 2016 Robbie Harwood - 1.14.1-9 +- Fix CVE-2016-3120 +- Resolves: #1361051 + +* Wed Jun 22 2016 Robbie Harwood - 1.14.1-8 +- Fix incorrect recv() size calculation in libkrad + +* Thu Jun 16 2016 Robbie Harwood - 1.14.1-7 +- Separate out the kadm5 libs + +* Fri May 27 2016 Robbie Harwood - 1.14.1-6 +- Fix setting of AS key in OTP preauth failure + +* Tue Apr 05 2016 Robbie Harwood - 1.14.1-5 +- Use the correct patches this time. +- Resolves: #1321135 + +* Mon Apr 04 2016 Robbie Harwood - 1.14.1-4 +- Add send/receive sendto_kdc hooks and corresponding tests +- Resolves: #1321135 + +* Fri Mar 18 2016 Robbie Harwood - 1.14.1-3 +- Fix CVE-2016-3119 (NULL deref in LDAP module) + +* Thu Mar 17 2016 Robbie Harwood - 1.14.1-2 +- Backport OID mech fix +- Resolves: #1317609 + +* Mon Feb 29 2016 Robbie Harwood - 1.14.1-1 +- New rawhide, new upstream version +- Drop CVE patches +- Rename fix_interposer.patch to acquire_cred_interposer.patch +- Update acquire_cred_interposer.patch to apply to new source + +* Mon Feb 22 2016 Robbie Harwood - 1.14-23 +- Fix log file permissions patch with our selinux +- Resolves: #1309421 + +* Fri Feb 19 2016 Robbie Harwood - 1.14-22 +- Backport my interposer fixes from upstream + - Supersedes krb5-mechglue_inqure_attrs.patch + +* Tue Feb 16 2016 Robbie Harwood - 1.14-21 +- Adjust dependency on crypto-polices to be just the file we want +- Patch courtesy of lslebodn +- Resolves: #1308984 + +* Thu Feb 04 2016 Fedora Release Engineering - 1.14-20 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Thu Jan 28 2016 Robbie Harwood - 1.14-19 +- Replace _kadmin/_kprop with systemd macros +- Remove traces of upstart from fedora package per policy +- Resolves: #1290185 + +* Wed Jan 27 2016 Robbie Harwood - 1.14-18 +- Fix CVE-2015-8629, CVE-2015-8630, CVE-2015-8631 + +* Thu Jan 21 2016 Robbie Harwood - 1.14-17 +- Make krb5kdc.log not world-readable by default +- Resolves: #1276484 + +* Thu Jan 21 2016 Robbie Harwood - 1.14-16 +- Allow verification of attributes on krb5.conf + +* Wed Jan 20 2016 Robbie Harwood - 1.14-15 +- Use "new" systemd macros for service handling. (Thanks vpavlin!) +- Resolves: #850399 + +* Wed Jan 20 2016 Robbie Harwood - 1.14-14 +- Remove WITH_NSS macro (always false) +- Remove WITH_SYSTEMD macro (always true) +- Remove WITH_LDAP macro (always true) +- Remove WITH_OPENSSL macro (always true) + +* Fri Jan 08 2016 Robbie Harwood - 1.14-13 +- Backport fix for chrome crash in spnego_gss_inquire_context +- Resolves: #1295893 + +* Wed Dec 16 2015 Robbie Harwood - 1.14-12 +- Backport patch to fix mechglue for gss_inqure_attrs_for_mech() + +* Thu Dec 03 2015 Robbie Harwood - 1.14-11 +- Backport interposer fix (#1284985) +- Drop workaround pwsize initialization patch (gcc has been fixed) + +* Tue Nov 24 2015 Robbie Harwood - 1.14-10 +- Fix FTBFS by no longer working around bug in nss_wrapper + +* Mon Nov 23 2015 Robbie Harwood - 1.14-9 +- Upstream release. No actual change from beta, just version bump +- Clean up unused parts of spec file + +* Mon Nov 16 2015 Robbie Harwood - 1.14-beta2-8 +- New upstream beta version + +* Wed Nov 04 2015 Robbie Harwood - 1.14-beta1-7 +- Patch CVE-2015-2698 + +* Tue Oct 27 2015 Robbie Harwood - 1.14-beta1-6 +- Patch CVE-2015-2697, CVE-2015-2696, CVE-2015-2695 + +* Thu Oct 22 2015 Robbie Harwood - 1.14-beta1-5 +- Ensure pwsize is initialized in chpass_util.c + +* Thu Oct 22 2015 Robbie Harwood - 1.14-beta1-4 +- Fix typo of crypto-policies file in previous version + +* Mon Oct 19 2015 Robbie Harwood - 1.14-beta1-3 +- Start using crypto-policies + +* Mon Oct 19 2015 Robbie Harwood - 1.14-beta1-2 +- TEMPORARILY disable usage of OFD locks as a workaround for x86 + +* Thu Oct 15 2015 Robbie Harwood - 1.14-beta1-1 +- New upstream beta version + +* Thu Oct 08 2015 Robbie Harwood - 1.13.2-13 +- Work around KDC client prinicipal in referrals issue (#1259844) + +* Thu Oct 01 2015 Robbie Harwood - 1.13.2-12 +- Enable building with bad system /etc/krb5.conf + +* Wed Sep 23 2015 Robbie Harwood - 1.13.2-11 +- Drop dependency on pax, ksh +- Remove support for fedora < 20 + +* Wed Sep 23 2015 Robbie Harwood - 1.13.2-10 +- Nix /usr/share/krb5.conf.d to reduce complexity + +* Wed Sep 23 2015 Robbie Harwood - 1.13.2-9 +- Depend on crypto-policies which provides /etc/krb5.conf.d (#1225792) + +* Thu Sep 10 2015 Robbie Harwood - 1.13.2-8 +- Remove dependency on systemd-sysv which is no longer needed for fedora > 20 + This also fixes a fail-to-build issue. +- Miscalaneous spec cleanup fixes + +* Thu Sep 10 2015 Robbie Harwood - 1.13.2-7 +- Support config snippets in /etc/krb5.conf.d/ and /usr/share/krb5.conf.d/ + (#1225792, #1146370, #1145808) + +* Thu Jun 25 2015 Roland Mainz - 1.13.2-6 +- Use system nss_wrapper and socket_wrapper for testing. + Patch by Andreas Schneider + +* Thu Jun 25 2015 Roland Mainz - 1.13.2-5 +- Remove Zanata test glue and related workarounds + - Bug #1234292 ("IPA server cannot be run in container due to incorrect /usr/sbin/_kadmind") + - Bug #1234326 ("krb5-server introduces new rpm dependency on ksh") + +* Thu Jun 18 2015 Roland Mainz - 1.13.2-4 +- Fix dependicy on binfmt.service + +* Wed Jun 17 2015 Fedora Release Engineering - 1.13.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue Jun 2 2015 Roland Mainz - 1.13.2-2 +- Add patch to fix Redhat Bug #1227542 ("[SELinux] AVC denials may appear + when kadmind starts"). The issue was caused by an unneeded |htons()| + which triggered SELinux AVC denials due to the "random" port usage. + +* Thu May 21 2015 Roland Mainz - 1.13.2-1 +- Add fix for RedHat Bug #1164304 ("Upstream unit tests loads + the installed shared libraries instead the ones from the build") + +* Thu May 14 2015 Roland Mainz - 1.13.2-0 +- Update to krb5-1.13.2 + - drop patch for krb5-1.13.2-CVE_2015_2694_requires_preauth_bypass_in_PKINIT_enabled_KDC, fixed in krb5-1.13.2 + - drop patch for krb5-1.12.1-CVE_2014_5355_fix_krb5_read_message_handling, fixed in krb5-1.13.2 +- Add script processing for upcoming Zanata l10n support +- Minor spec cleanup + +* Mon May 4 2015 Roland Mainz - 1.13.1-4 +- fix for CVE-2015-2694 (#1216133) "requires_preauth bypass + in PKINIT-enabled KDC". + In MIT krb5 1.12 and later, when the KDC is configured with + PKINIT support, an unauthenticated remote attacker can + bypass the requires_preauth flag on a client principal and + obtain a ciphertext encrypted in the principal's long-term + key. This ciphertext could be used to conduct an off-line + dictionary attack against the user's password. + +* Wed Mar 25 2015 Roland Mainz - 1.13.1-3 +- Add temporay workaround for RH bug #1204646 ("krb5-config + returns wrong -specs path") which modifies krb5-config post + build so that development of krb5 dependicies gets unstuck. + This MUST be removed before rawhide becomes F23 ... + +* Thu Mar 19 2015 Roland Mainz - 1.13.1-2 +- fix for CVE-2014-5355 (#1193939) "krb5: unauthenticated + denial of service in recvauth_common() and others" + +* Fri Feb 13 2015 Roland Mainz - 1.13.1-1 +- Update to krb5-1.13.1 + - drop patch for CVE_2014_5353_fix_LDAP_misused_policy_name_crash, fixed in krb5-1.13.1 + - drop patch for kinit -C loops (MIT/krb5 bug #243), fixed in krb5-1.13.1 + - drop patch for CVEs { 2014-9421, 2014-9422, 2014-9423, 2014-5352 }, fixed in krb5-1.13.1 +- Minor spec cleanup + +* Wed Feb 4 2015 Roland Mainz - 1.13-8 +- fix for CVE-2014-5352 (#1179856) "gss_process_context_token() + incorrectly frees context (MITKRB5-SA-2015-001)" +- fix for CVE-2014-9421 (#1179857) "kadmind doubly frees partial + deserialization results (MITKRB5-SA-2015-001)" +- fix for CVE-2014-9422 (#1179861) "kadmind incorrectly + validates server principal name (MITKRB5-SA-2015-001)" +- fix for CVE-2014-9423 (#1179863) "libgssrpc server applications + leak uninitialized bytes (MITKRB5-SA-2015-001)" + +* Wed Feb 4 2015 Roland Mainz - 1.13-7 +- Remove "python-sphinx-latex" and "tar" from the build requirements + to fix build failures on F22 machines. +- Minor spec cleanup + +* Mon Feb 02 2015 Nathaniel McCallum - 1.13-6 +- Support KDC_ERR_MORE_PREAUTH_DATA_REQUIRED (RT#8063) + +* Mon Jan 26 2015 Roland Mainz - 1.13-5 +- fix for kinit -C loops (#1184629, MIT/krb5 issue 243, "Do not + loop on principal unknown errors"). +- Added "python-sphinx-latex" to the build requirements + to fix build failures on F22 machines. + +* Thu Dec 18 2014 Roland Mainz - 1.13-4 +- fix for CVE-2014-5354 (#1174546) "krb5: NULL pointer + dereference when using keyless entries" + +* Wed Dec 17 2014 Roland Mainz - 1.13-3 +- fix for CVE-2014-5353 (#1174543) "Fix LDAP misused policy + name crash" + +* Wed Oct 29 2014 Roland Mainz - 1.13-2 +- Bump 1%%{?dist} to 2%%{?dist} to workaround RPM sort issue + which would lead yum updates to treat the last alpha as newer + than the final version. + +* Wed Oct 29 2014 Roland Mainz - 1.13-1 +- Update from krb5-1.13-alpha1 to final krb5-1.13 +- Removed patch for CVE-2014-5351 (#1145425) "krb5: current + keys returned when randomizing the keys for a service principal" - + now part of upstream sources +- Use patch for glibc |eventfd()| prototype mismatch (#1147887) only + for Fedora > 20 + +* Tue Sep 30 2014 Roland Mainz - 1.13-0.alpha1.3 +- fix build failure caused by change of prototype for glibc + |eventfd()| (#1147887) + +* Mon Sep 29 2014 Roland Mainz - 1.13-0.alpha1.3 +- fix for CVE-2014-5351 (#1145425) "krb5: current keys returned when + randomizing the keys for a service principal" + +* Mon Sep 8 2014 Nalin Dahyabhai - 1.13-0.alpha1.3 +- fix the problem where the %%license file has been a dangling symlink + +* Tue Aug 26 2014 Nalin Dahyabhai - 1.13-0.alpha1.2 +- kpropd hasn't bothered with -S since 1.11; stop trying to use that flag + in the systemd unit file + +* Fri Aug 22 2014 Nalin Dahyabhai - 1.13-0.alpha1.1 +- update to 1.13 alpha1 + - drop upstreamed and backported patches + +* Wed Aug 20 2014 Nalin Dahyabhai - 1.12.2-3 +- pull in upstream fix for an incorrect check on the value returned by a + strdup() call (#1132062) + +* Sun Aug 17 2014 Fedora Release Engineering - 1.12.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Fri Aug 15 2014 Nalin Dahyabhai - 1.12.2-1 +- update to 1.12.2 + - drop patch for RT#7820, fixed in 1.12.2 + - drop patch for #231147, fixed as RT#3277 in 1.12.2 + - drop patch for RT#7818, fixed in 1.12.2 + - drop patch for RT#7836, fixed in 1.12.2 + - drop patch for RT#7858, fixed in 1.12.2 + - drop patch for RT#7924, fixed in 1.12.2 + - drop patch for RT#7926, fixed in 1.12.2 + - drop patches for CVE-2014-4341/CVE-2014-4342, included in 1.12.2 + - drop patch for CVE-2014-4343, included in 1.12.2 + - drop patch for CVE-2014-4344, included in 1.12.2 + - drop patch for CVE-2014-4345, included in 1.12.2 +- replace older proposed changes for ksu with backports of the changes + after review and merging upstream (#1015559, #1026099, #1118347) + +* Thu Aug 7 2014 Nalin Dahyabhai - 1.12.1-14 +- incorporate fix for MITKRB5-SA-2014-001 (CVE-2014-4345) + +* Mon Jul 21 2014 Nalin Dahyabhai - 1.12.1-13 +- gssapi: pull in upstream fix for a possible NULL dereference + in spnego (CVE-2014-4344) + +* Wed Jul 16 2014 Nalin Dahyabhai - 1.12.1-12 +- gssapi: pull in proposed fix for a double free in initiators (David + Woodhouse, CVE-2014-4343, #1117963) + +* Sat Jul 12 2014 Tom Callaway - 1.12.1-11 +- fix license handling + +* Mon Jul 7 2014 Nalin Dahyabhai - 1.12.1-10 +- pull in fix for denial of service by injection of malformed GSSAPI tokens + (CVE-2014-4341, CVE-2014-4342, #1116181) + +* Tue Jun 24 2014 Nalin Dahyabhai - 1.12.1-9 +- pull in changes from upstream which add processing of the contents of + /etc/gss/mech.d/*.conf when loading GSS modules (#1102839) + +* Thu Jun 12 2014 Nalin Dahyabhai - 1.12.1-8 +- pull in fix for building against tcl 8.6 (#1107061) + +* Sun Jun 08 2014 Fedora Release Engineering - 1.12.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Tue Mar 04 2014 Nathaniel McCallum - 1.12.1-6 +- Backport fix for change password requests when using FAST (RT#7868) + +* Mon Feb 17 2014 Nalin Dahyabhai - 1.12.1-5 +- spnego: pull in patch from master to restore preserving the OID of the + mechanism the initiator requested when we have multiple OIDs for the same + mechanism, so that we reply using the same mechanism OID and the initiator + doesn't get confused (#1066000, RT#7858) + +* Fri Feb 7 2014 Nalin Dahyabhai - 1.12.1-4 +- pull in patch from master to move the default directory which the KDC uses + when computing the socket path for a local OTP daemon from the database + directory (/var/kerberos/krb5kdc) to the newly-added run directory + (/run/krb5kdc), in line with what we're expecting in 1.13 (RT#7859, more + of #1040056 as #1063905) +- add a tmpfiles.d configuration file to have /run/krb5kdc created at + boot-time +- own /var/run/krb5kdc + +* Fri Jan 31 2014 Nalin Dahyabhai - 1.12.1-3 +- refresh nss_wrapper and add socket_wrapper to the %%check environment + +* Fri Jan 31 2014 Nalin Dahyabhai +- add currently-proposed changes to teach ksu about credential cache + collections and the default_ccache_name setting (#1015559,#1026099) + +* Tue Jan 21 2014 Nalin Dahyabhai - 1.12.1-2 +- pull in multiple changes to allow replay caches to be added to a GSS + credential store as "rcache"-type credentials (RT#7818/#7819/#7836, + #1056078/#1056080) + +* Fri Jan 17 2014 Nalin Dahyabhai - 1.12.1-1 +- update to 1.12.1 + - drop patch for RT#7794, included now + - drop patch for RT#7797, included now + - drop patch for RT#7803, included now + - drop patch for RT#7805, included now + - drop patch for RT#7807, included now + - drop patch for RT#7045, included now + - drop patches for RT#7813 and RT#7815, included now + - add patch to always retrieve the KDC time offsets from keyring caches, + so that we don't mistakenly interpret creds as expired before their + time when our clock is ahead of the KDC's (RT#7820, #1030607) + +* Mon Jan 13 2014 Nalin Dahyabhai - 1.12-11 +- update the PIC patch for iaesx86.s to not use ELF relocations to the version + that landed upstream (RT#7815, #1045699) + +* Thu Jan 9 2014 Nalin Dahyabhai +- pass -Wl,--warn-shared-textrel to the compiler when we're creating shared + libraries + +* Thu Jan 9 2014 Nalin Dahyabhai - 1.12-10 +- amend the PIC patch for iaesx86.s to also save/restore ebx in the + functions where we modify it, because the ELF spec says we need to + +* Mon Jan 6 2014 Nalin Dahyabhai - 1.12-9 +- grab a more-commented version of the most recent patch from upstream + master +- make a guess at making the 32-bit AES-NI implementation sufficiently + position-independent to not require execmod permissions for libk5crypto + (more of #1045699) + +* Thu Jan 2 2014 Nalin Dahyabhai - 1.12-8 +- add patch from Dhiru Kholia for the AES-NI implementations to allow + libk5crypto to be properly marked as not needing an executable stack + on arches where they're used (#1045699, and so many others) + +* Thu Jan 2 2014 Nalin Dahyabhai - 1.12-7 +- revert that last change for a bit while sorting out execstack when we + use AES-NI (#1045699) + +* Thu Dec 19 2013 Nalin Dahyabhai - 1.12-6 +- add yasm as a build requirement for AES-NI support, on arches that have + yasm and AES-NI + +* Thu Dec 19 2013 Nalin Dahyabhai - 1.12-5 +- pull in fix from master to make reporting of errors encountered by + the SPNEGO mechanism work better (RT#7045, part of #1043962) + +* Thu Dec 19 2013 Nalin Dahyabhai +- update a test wrapper to properly handle things that the new libkrad does, + and add python-pyrad as a build requirement so that we can run its tests + +* Wed Dec 18 2013 Nalin Dahyabhai - 1.12-4 +- revise previous patch to initialize one more element + +* Wed Dec 18 2013 Nalin Dahyabhai - 1.12-3 +- backport fixes to krb5_copy_context (RT#7807, #1044735/#1044739) + +* Wed Dec 18 2013 Nalin Dahyabhai - 1.12-2 +- pull in fix from master to return a NULL pointer rather than allocating + zero bytes of memory if we read a zero-length input token (RT#7794, part of + #1043962) +- pull in fix from master to ignore an empty token from an acceptor if + we've already finished authenticating (RT#7797, part of #1043962) +- pull in fix from master to avoid a memory leak when a mechanism's + init_sec_context function fails (RT#7803, part of #1043962) +- pull in fix from master to avoid a memory leak in a couple of error + cases which could occur while obtaining acceptor credentials (RT#7805, part + of #1043962) + +* Wed Dec 11 2013 Nalin Dahyabhai - 1.12-1 +- update to 1.12 final + +* Mon Dec 2 2013 Nalin Dahyabhai - 1.12-beta2.0 +- update to beta2 + - drop obsolete backports for storing KDC time offsets and expiration times + in keyring credential caches + +* Tue Nov 19 2013 Nalin Dahyabhai - 1.12-beta1.0 +- rebase to master +- update to beta1 + - drop obsolete backport of fix for RT#7706 + +* Mon Nov 18 2013 Nalin Dahyabhai - 1.11.4-2 +- pull in fix to store KDC time offsets in keyring credential caches (RT#7768, + #1030607) +- pull in fix to set expiration times on credentials stored in keyring + credential caches (RT#7769, #1031724) + +* Tue Nov 12 2013 Nalin Dahyabhai - 1.11.4-1 +- update to 1.11.4 + - drop patch for RT#7650, obsoleted + - drop patch for RT#7706, obsoleted as RT#7723 + - drop patch for CVE-2013-1418/CVE-2013-6800, included in 1.11.4 + +* Tue Nov 12 2013 Nalin Dahyabhai - 1.11.3-31 +- switch to the simplified version of the patch for #1029110 (RT#7764) + +* Mon Nov 11 2013 Nalin Dahyabhai - 1.11.3-30 +- check more thoroughly for errors when resolving KEYRING ccache names of type + "persistent", which should only have a numeric UID as the next part of the + name (#1029110) + +* Tue Nov 5 2013 Nalin Dahyabhai - 1.11.3-29 +- incorporate upstream patch for remote crash of KDCs which serve multiple + realms simultaneously (RT#7756, CVE-2013-1418/CVE-2013-6800, + #1026997/#1031501) + +* Mon Nov 4 2013 Nalin Dahyabhai - 1.11.3-28 +- drop patch to add additional access() checks to ksu - they add to breakage + when non-FILE: caches are in use (#1026099), shouldn't be resulting in any + benefit, and clash with proposed changes to fix its cache handling + +* Tue Oct 22 2013 Nalin Dahyabhai - 1.11.3-27 +- add some minimal description to the top of the wrapper scripts we use + when starting krb5kdc and kadmind to describe why they exist (tooling) + +* Thu Oct 17 2013 Nalin Dahyabhai - 1.12-alpha1.0 +- initial update to alpha1 + - drop backport of persistent keyring support + - drop backport for RT#7689 + - drop obsolete patch for fixing a use-before-init in a test program + - drop obsolete patch teaching config.guess/config.sub about aarch64-linux + - drop backport for RT#7598 + - drop backport for RT#7172 + - drop backport for RT#7642 + - drop backport for RT#7643 + - drop patches from master to not test GSSRPC-over-UDP and to not + depend on the portmapper, which are areas where our build systems + often give us trouble, too; obsolete + - drop backports for RT#7682 + - drop backport for RT#7709 + - drop backport for RT#7590 and partial backport for RT#7680 + - drop OTP backport + - drop backports for RT#7656 and RT#7657 +- BuildRequires: libedit-devel to prefer it +- BuildRequires: pkgconfig, since configure uses it + +* Wed Oct 16 2013 Nalin Dahyabhai - 1.11.3-26 +- create and own /etc/gss (#1019937) + +* Tue Oct 15 2013 Nalin Dahyabhai - 1.11.3-25 +- pull up fix for importing previously-exported credential caches in the + gssapi library (RT# 7706, #1019420) + +* Mon Oct 14 2013 Nalin Dahyabhai - 1.11.3-24 +- backport the callback to use the libkrb5 prompter when we can't load PEM + files for PKINIT (RT#7590, includes part of #965721/#1016690) +- extract the rest of the fix #965721/#1016690 from the changes for RT#7680 + +* Mon Oct 14 2013 Nalin Dahyabhai - 1.11.3-23 +- fix trigger scriptlet's invocation of sed (#1016945) + +* Fri Oct 4 2013 Nalin Dahyabhai - 1.11.3-22 +- rebuild with keyutils 1.5.8 (part of #1012043) + +* Wed Oct 2 2013 Nalin Dahyabhai - 1.11.3-21 +- switch to the version of persistent-keyring that was just merged to + master (RT#7711), along with related changes to kinit (RT#7689) +- go back to setting default_ccache_name to a KEYRING type + +* Mon Sep 30 2013 Nalin Dahyabhai - 1.11.3-20 +- pull up fix for not calling a kdb plugin's check-transited-path + method before calling the library's default version, which only knows + how to read what's in the configuration file (RT#7709, #1013664) + +* Thu Sep 26 2013 Nalin Dahyabhai - 1.11.3-19 +- configure --without-krb5-config so that we don't pull in the old default + ccache name when we want to stop setting a default ccache name at configure- + time + +* Wed Sep 25 2013 Nalin Dahyabhai - 1.11.3-18 +- fix broken dependency on awk (should be gawk, rdieter) + +* Wed Sep 25 2013 Nalin Dahyabhai - 1.11.3-17 +- add missing dependency on newer keyutils-libs (#1012034) + +* Tue Sep 24 2013 Nalin Dahyabhai - 1.11.3-16 +- back out setting default_ccache_name to the new default for now, resetting + it to the old default while the kernel/keyutils bits get sorted (sgallagh) + +* Mon Sep 23 2013 Nalin Dahyabhai - 1.11.3-15 +- add explicit build-time dependency on a version of keyutils that's new + enough to include keyctl_get_persistent() (more of #991148) + +* Thu Sep 19 2013 Nalin Dahyabhai - 1.11.3-14 +- incorporate Simo's updated backport of his updated persistent-keyring changes + (more of #991148) + +* Fri Sep 13 2013 Nalin Dahyabhai - 1.11.3-13 +- don't break during %%check when the session keyring is revoked + +* Fri Sep 13 2013 Nalin Dahyabhai - 1.11.3-12 +- pull the newer F21 defaults back to F20 (sgallagh) + +* Mon Sep 9 2013 Nalin Dahyabhai +- only apply the patch to autocreate /run/user/0 when we're hard-wiring the + default ccache location to be under it; otherwise it's unnecessary + +* Mon Sep 9 2013 Nalin Dahyabhai 1.11.3-11 +- don't let comments intended for one scriptlet become part of the "script" + that gets passed to ldconfig as part of another one (Mattias Ellert, #1005675) + +* Fri Sep 6 2013 Nalin Dahyabhai 1.11.3-10 +- incorporate Simo's backport of his persistent-keyring changes (#991148) +- restore build-time default DEFCCNAME on Fedora 21 and later and EL, and + instead set default_ccache_name in the default krb5.conf's [libdefaults] + section (#991148) +- on releases where we expect krb5.conf to be configured with a + default_ccache_name, add it whenever we upgrade from an older version of + the package that wouldn't have included it in its default configuration + file (#991148) + +* Fri Aug 23 2013 Nalin Dahyabhai 1.11.3-9 +- take another stab at accounting for UnversionedDocdirs for the -libs + subpackage (spotted by ssorce) +- switch to just the snapshot of nss_wrapper we were using, since we + no longer need to carry anything that isn't in the cwrap.org repository + (ssorce) + +* Thu Aug 15 2013 Nalin Dahyabhai 1.11.3-8 +- drop a patch we weren't not applying (build tooling) +- wrap kadmind and kpropd in scripts which check for the presence/absence + of files which dictate particular exit codes before exec'ing the actual + binaries, instead of trying to use ConditionPathExists in the unit files + to accomplish that, so that we exit with failure properly when what we + expect isn't actually in effect on the system (#800343) + +* Mon Jul 29 2013 Nalin Dahyabhai 1.11.3-7 +- attempt to account for UnversionedDocdirs for the -libs subpackage + +* Fri Jul 26 2013 Nalin Dahyabhai 1.11.3-6 +- tweak configuration files used during tests to try to reduce the number + of conflicts encountered when builds for multiple arches land on the same + builder + +* Mon Jul 22 2013 Nalin Dahyabhai 1.11.3-5 +- pull up changes to allow GSSAPI modules to provide more functions + (RT#7682, #986564/#986565) + +* Fri Jul 19 2013 Nalin Dahyabhai 1.11.3-4 +- use (a bundled, for now, copy of) nss_wrapper to let us run some of the + self-tests at build-time in more places than we could previously (#978756) +- cover inconsistencies in whether or not there's a local caching nameserver + that's willing to answer when the build environment doesn't have a + resolver configuration, so that nss_wrapper's faking of the local + hostname can be complete + +* Mon Jul 1 2013 Nalin Dahyabhai 1.11.3-3 +- specify dependencies on the same arch of krb5-libs by using the %%{?_isa} + suffix, to avoid dragging 32-bit libraries onto 64-bit systems (#980155) + +* Thu Jun 13 2013 Nalin Dahyabhai 1.11.3-2 +- special-case /run/user/0, attempting to create it when resolving a + directory cache below it fails due to ENOENT and we find that it doesn't + already exist, either, before attempting to create the directory cache + (maybe helping, maybe just making things more confusing for #961235) + +* Tue Jun 4 2013 Nalin Dahyabhai 1.11.3-1 +- update to 1.11.3 + - drop patch for RT#7605, fixed in this release + - drop patch for CVE-2002-2443, fixed in this release + - drop patch for RT#7369, fixed in this release +- pull upstream fix for breaking t_skew.py by adding the patch for #961221 + +* Fri May 31 2013 Nalin Dahyabhai 1.11.2-10 +- respin with updated version of patch for RT#7650 (#969331) + +* Thu May 30 2013 Nalin Dahyabhai 1.11.2-9 +- don't forget to set the SELinux label when creating the directory for + a DIR: ccache +- pull in proposed fix for attempts to get initial creds, which end up + following referrals, incorrectly trying to always use master KDCs if + they talked to a master at any point (should fix RT#7650) + +* Thu May 30 2013 Nalin Dahyabhai 1.11.2-8 +- pull in patches from master to not test GSSRPC-over-UDP and to not + depend on the portmapper, which are areas where our build systems + often give us trouble, too + +* Tue May 28 2013 Nalin Dahyabhai 1.11.2-7 +- backport fix for not being able to verify the list of transited realms + in GSS acceptors (RT#7639, #959685) +- backport fix for not being able to pass an empty password to the + get-init-creds APIs and have them actually use it (RT#7642, #960001) +- add backported proposed fix to use the unauthenticated server time + as the basis for computing the requested credential expiration times, + rather than the client's idea of the current time, which could be + significantly incorrect (#961221) + +* Tue May 21 2013 Nalin Dahyabhai 1.11.2-6 +- pull in upstream fix to start treating a KRB5CCNAME value that begins + with DIR:: the same as it would a DIR: value with just one ccache file + in it (RT#7172, #965574) + +* Mon May 13 2013 Nalin Dahyabhai 1.11.2-5 +- pull up fix for UDP ping-pong flaw in kpasswd service (CVE-2002-2443, + #962531,#962534) + +* Mon Apr 29 2013 Nathaniel McCallum 1.11.2-4 +- Update otp patches +- Merge otp patches into a single patch +- Add keycheck patch + +* Tue Apr 23 2013 Nalin Dahyabhai 1.11.2-3 +- pull the changing of the compiled-in default ccache location to + DIR:/run/user/%%{uid}/krb5cc back into F19, in line with SSSD and + the most recent pam_krb5 build + +* Wed Apr 17 2013 Nalin Dahyabhai 1.11.2-2 +- correct some configuration file paths which the KDC_DIR patch missed + +* Mon Apr 15 2013 Nalin Dahyabhai 1.11.2-1 +- update to 1.11.2 + - drop pulled in patch for RT#7586, included in this release + - drop pulled in patch for RT#7592, included in this release +- pull in fix for keeping track of the message type when parsing FAST requests + in the KDC (RT#7605, #951843) (also #951965) + +* Fri Apr 12 2013 Nalin Dahyabhai 1.11.1-9 +- move the compiled-in default ccache location from the previous default of + FILE:/tmp/krb5cc_%%{uid} to DIR:/run/user/%%{uid}/krb5cc (part of #949588) + +* Tue Apr 09 2013 Nathaniel McCallum - 1.11.1-8 +- Update otp backport patches (libk5radius => libkrad) + +* Wed Apr 3 2013 Nalin Dahyabhai 1.11.1-7 +- when testing the RPC library, treat denials from the local portmapper the + same as a portmapper-not-running situation, to allow other library tests + to be run while building the package + +* Thu Mar 28 2013 Nalin Dahyabhai 1.11.1-6 +- create and own /var/kerberos/krb5/user instead of /var/kerberos/kdc/user, + since that's what the libraries actually look for +- add buildrequires on nss-myhostname, in an attempt to get more of the tests + to run properly during builds +- pull in Simo's patch to recognize "client_keytab" as a key type which can + be passed in to gss_acquire_cred_from() (RT#7598) + +* Tue Mar 26 2013 Nalin Dahyabhai 1.11.1-5 +- pull up Simo's patch to mark the correct mechanism on imported GSSAPI + contexts (RT#7592) +- go back to using reconf to run autoconf and autoheader (part of #925640) +- add temporary patch to use newer config.guess/config.sub (more of #925640) + +* Mon Mar 18 2013 Nalin Dahyabhai +- fix a version comparison to expect newer texlive build requirements when + %%{_rhel} > 6 rather than when it's > 7 + +* Mon Mar 11 2013 Nathaniel McCallum 1.11.1-4 +- Add libverto-devel requires for krb5-devel +- Add otp support + +* Thu Feb 28 2013 Nalin Dahyabhai 1.11.1-3 +- fix a memory leak when acquiring credentials using a keytab (RT#7586, #911110) + +* Wed Feb 27 2013 Nalin Dahyabhai 1.11.1-2 +- prebuild PDF docs to reduce multilib differences (internal tooling, #884065) +- drop the kerberos-iv portreserve file, and drop the rest on systemd systems +- escape uses of macros in comments (more of #884065) + +* Mon Feb 25 2013 Nalin Dahyabhai 1.11.1-1 +- update to 1.11.1 + - drop patch for noticing negative timeouts being passed to the poll() + wrapper in the client transmit functions + +* Fri Feb 8 2013 Nalin Dahyabhai 1.11-2 +- set "rdns = false" in the default krb5.conf (#908323,#908324) + +* Tue Dec 18 2012 Nalin Dahyabhai 1.11-1 +- update to 1.11 release + +* Thu Dec 13 2012 Nalin Dahyabhai 1.11-0.beta2.0 +- update to 1.11 beta 2 + +* Thu Dec 13 2012 Nalin Dahyabhai +- when building with our bundled copy of libverto, package it in with -libs + rather than with -server (#886049) + +* Wed Nov 21 2012 Nalin Dahyabhai 1.11-0.beta1.0 +- update to 1.11 beta 1 + +* Fri Nov 16 2012 Nalin Dahyabhai 1.11-0.alpha1.1 +- handle releases where texlive packaging wasn't yet as complicated as it + is in Fedora 18 +- fix an uninitialized-variable error building one of the test programs + +* Fri Nov 16 2012 Nalin Dahyabhai 1.11-0.alpha1.0 +- move the rather large pile of html and pdf docs to -workstation, so + that just having something that links to the libraries won't drag + them onto a system, and we avoid having to sort out hard-coded paths + that include %%{_libdir} showing up in docs in multilib packages +- actually create %%{_var}/kerberos/kdc/user, so that it can be packaged +- correct the list of packaged man pages +- don't dummy up required tex stylesheets, require them +- require pdflatex and makeindex + +* Thu Nov 15 2012 Nalin Dahyabhai +- update to 1.11 alpha 1 + - drop backported patch for RT #7406 + - drop backported patch for RT #7407 + - drop backported patch for RT #7408 + - the new docs system generates PDFs, so stop including them as sources + - drop backported patch to allow deltat.y to build with the usual + warning flags and the current gcc + - drop backported fix for disabling use of a replay cache when verifying + initial credentials + - drop backported fix for teaching PKINIT clients which trust the KDC's + certificate directly to verify signed-data messages that are signed with + the KDC's certificate, when the blobs don't include a copy of the KDC's + certificate + - drop backported patches to make keytab-based authentication attempts + work better when the client tells the KDC that it supports a particular + cipher, but doesn't have a key for it in the keytab + - drop backported fix for avoiding spurious clock skew when a TGT is + decrypted long after the KDC sent it to the client which decrypts it + - move the cross-referenced HTML docs into the -libs package to avoid + broken internal links + - drop patches to fixup paths in man pages, shouldn't be needed any more + +* Wed Oct 17 2012 Nalin Dahyabhai 1.10.3-7 +- tag a couple of other patches which we still need to be applied during + %%{?_rawbuild} builds (zmraz) + +* Tue Sep 25 2012 Nalin Dahyabhai 1.10.3-6 +- actually pull up the patch for RT#7063, and not some other ticket (#773496) + +* Mon Sep 10 2012 Nalin Dahyabhai 1.10.3-5 +- add patch based on one from Filip Krska to not call poll() with a negative + timeout when the caller's intent is for us to just stop calling it (#838548) + +* Fri Sep 7 2012 Nalin Dahyabhai +- on EL6, conflict with libsmbclient before 3.5.10-124, which is when it + stopped linking with a symbol which we no longer export (#771687) +- pull up patch for RT#7063, in which not noticing a prompt for a long + time throws the client library's idea of the time difference between it + and the KDC really far out of whack (#773496) +- add a backport of more patches to set the client's list of supported enctypes + when using a keytab to be the list of types of keys in the keytab, plus the + list of other types the client supports but for which it doesn't have keys, + in that order, so that KDCs have a better chance of being able to issue + tickets with session keys of types that the client can use (#837855) + +* Thu Sep 6 2012 Nalin Dahyabhai 1.10.3-4 +- cut down the number of times we load SELinux labeling configuration from + a minimum of two times to actually one (more of #845125) + +* Thu Aug 30 2012 Nalin Dahyabhai 1.10.3-3 +- backport patch to disable replay detection in krb5_verify_init_creds() + while reading the AP-REQ that's generated in the same function (RT#7229) + +* Thu Aug 30 2012 Nalin Dahyabhai 1.10.3-2 +- undo rename from krb5-pkinit-openssl to krb5-pkinit on EL6 +- version the Obsoletes: on the krb5-pkinit-openssl to krb5-pkinit rename +- reintroduce the init scripts for non-systemd releases +- forward-port %%{?_rawbuild} annotations from EL6 packaging + +* Thu Aug 9 2012 Nalin Dahyabhai 1.10.3-1 +- update to 1.10.3, rolling in the fixes from MITKRB5-SA-2012-001 + +* Thu Aug 2 2012 Nalin Dahyabhai 1.10.2-7 +- selinux: hang on to the list of selinux contexts, freeing and reloading + it only when the file we read it from is modified, freeing it when the + shared library is being unloaded (#845125) + +* Thu Aug 2 2012 Nalin Dahyabhai 1.10.2-6 +- go back to not messing with library file paths on Fedora 17: it breaks + file path dependencies in other packages, and since Fedora 17 is already + released, breaking that is our fault + +* Tue Jul 31 2012 Nalin Dahyabhai 1.10.2-5 +- add upstream patch to fix freeing an uninitialized pointer and dereferencing + another uninitialized pointer in the KDC (MITKRB5-SA-2012-001, CVE-2012-1014 + and CVE-2012-1015, #844779 and #844777) +- fix a thinko in whether or not we mess around with devel .so symlinks on + systems without a separate /usr (sbose) + +* Fri Jul 27 2012 Fedora Release Engineering - 1.10.2-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Fri Jun 22 2012 Nalin Dahyabhai 1.10.2-3 +- backport a fix to allow a PKINIT client to handle SignedData from a KDC + that's signed with a certificate that isn't in the SignedData, but which + is available as an anchor or intermediate on the client (RT#7183) + +* Tue Jun 5 2012 Nalin Dahyabhai 1.10.2-2 +- back out this labeling change (dwalsh): + - when building the new label for a file we're about to create, also mix + in the current range, in addition to the current user + +* Fri Jun 1 2012 Nalin Dahyabhai 1.10.2-1 +- update to 1.10.2 + - when building the new label for a file we're about to create, also mix + in the current range, in addition to the current user + - also package the PDF format admin, user, and install guides + - drop some PDFs that no longer get built right +- add a backport of Stef's patch to set the client's list of supported + enctypes to match the types of keys that we have when we are using a + keytab to try to get initial credentials, so that a KDC won't send us + an AS reply that we can't encrypt (RT#2131, #748528) +- don't shuffle around any shared libraries on releases with no-separate-/usr, + since /usr/lib is the same place as /lib +- add explicit buildrequires: on 'hostname', for the tests, on systems where + it's in its own package, and require net-tools, which used to provide the + command, everywhere + +* Mon May 7 2012 Nalin Dahyabhai +- skip the setfscreatecon() if fopen() is passed "rb" as the open mode (part + of #819115) + +* Tue May 1 2012 Nalin Dahyabhai 1.10.1-3 +- have -server require /usr/share/dict/words, which we set as the default + dict_file in kdc.conf (#817089) + +* Tue Mar 20 2012 Nalin Dahyabhai 1.10.1-2 +- change back dns_lookup_kdc to the default setting (Stef Walter, #805318) +- comment out example.com examples in default krb5.conf (Stef Walter, #805320) + +* Fri Mar 9 2012 Nalin Dahyabhai 1.10.1-1 +- update to 1.10.1 + - drop the KDC crash fix + - drop the KDC lookaside cache fix + - drop the fix for kadmind RPC ACLs (CVE-2012-1012) + +* Wed Mar 7 2012 Nalin Dahyabhai 1.10-5 +- when removing -workstation, remove our files from the info index while + the file is still there, in %%preun, rather than %%postun, and use the + compressed file's name (#801035) + +* Tue Feb 21 2012 Nathaniel McCallum - 1.10-4 +- Fix string RPC ACLs (RT#7093); CVE-2012-1012 + +* Tue Jan 31 2012 Nathaniel McCallum - 1.10-3 +- Add upstream lookaside cache behavior fix (RT#7082) + +* Mon Jan 30 2012 Nalin Dahyabhai 1.10-2 +- add patch to accept keytab entries with vno==0 as matches when we're + searching for an entry with a specific name/kvno (#230382/#782211,RT#3349) + +* Mon Jan 30 2012 Nalin Dahyabhai 1.10-1 +- update to 1.10 final + +* Thu Jan 26 2012 Nathaniel McCallum - 1.10-0.beta1.2 +- Add upstream crashfix patch (RT#7081) + +* Thu Jan 12 2012 Nalin Dahyabhai 1.10-0.beta1.1 +- update to beta 1 + +* Wed Jan 11 2012 Peter Robinson +- mktemp was long obsoleted by coreutils + +* Wed Jan 4 2012 Nalin Dahyabhai 1.10-0.alpha2.2 +- modify the deltat grammar to also tell gcc (4.7) to suppress + "maybe-uninitialized" warnings in addition to the "uninitialized" warnings + it's already being told to suppress (RT#7080) + +* Tue Dec 20 2011 Nalin Dahyabhai 1.10-0.alpha2.1 +- update to alpha 2 +- drop a couple of patches which were integrated for alpha 2 + +* Tue Dec 13 2011 Nalin Dahyabhai 1.10-0.alpha1.3 +- pull in patch for RT#7046: tag a ccache containing credentials obtained via + S4U2Proxy with the principal name of the proxying principal (part of #761317) + so that the default principal name can be set to that of the client for which + it is proxying, which results in the ccache looking more normal to consumers + of the ccache that don't care that there's proxying going on +- pull in patch for RT#7047: allow tickets obtained via S4U2Proxy to be cached + (more of #761317) +- pull in patch for RT#7048: allow PAC verification to only bother trying to + verify the signature with keys that it's given (still more of #761317) + +* Tue Dec 6 2011 Nalin Dahyabhai 1.10-0.alpha1.2 +- apply upstream patch to fix a null pointer dereference when processing + TGS requests (CVE-2011-1530, #753748) + +* Wed Nov 30 2011 Nalin Dahyabhai 1.10-0.alpha1.1 +- correct a bug in the fix for #754001 so that the file creation context is + consistently reset + +* Tue Nov 15 2011 Nalin Dahyabhai 1.10-0.alpha1.0 +- update to 1.10 alpha 1 +- on newer releases where we can assume NSS >= 3.13, configure PKINIT to build + using NSS +- on newer releases where we build PKINIT using NSS, configure libk5crypto to + build using NSS +- rename krb5-pkinit-openssl to krb5-pkinit on newer releases where we're + expecting to build PKINIT using NSS instead +- during %%check, run check in the library and kdc subdirectories, which + should be able to run inside of the build system without issue + +* Wed Oct 26 2011 Fedora Release Engineering - 1.9.1-19 +- Rebuilt for glibc bug#747377 + +* Tue Oct 18 2011 Nalin Dahyabhai 1.9.1-18 +- apply upstream patch to fix a null pointer dereference with the LDAP kdb + backend (CVE-2011-1527, #744125), an assertion failure with multiple kdb + backends (CVE-2011-1528), and a null pointer dereference with multiple kdb + backends (CVE-2011-1529) (#737711) + +* Thu Oct 13 2011 Nalin Dahyabhai 1.9.1-17 +- pull in patch from trunk to rename krb5int_pac_sign() to krb5_pac_sign() and + make it public (#745533) + +* Fri Oct 7 2011 Nalin Dahyabhai 1.9.1-16 +- kadmin.service: fix #723723 again +- kadmin.service,krb5kdc.service: remove optional use of $KRB5REALM in command + lines, because systemd parsing doesn't handle alternate value shell variable + syntax +- kprop.service: add missing Type=forking so that systemd doesn't assume simple +- kprop.service: expect the ACL configuration to be there, not absent +- handle a harder-to-trigger assertion failure that starts cropping up when we + exit the transmit loop on time (#739853) + +* Sun Oct 2 2011 Tom Callaway 1.9.1-15 +- hardcode pid file as option in krb5kdc.service + +* Fri Sep 30 2011 Tom Callaway 1.9.1-14 +- fix pid path in krb5kdc.service + +* Mon Sep 19 2011 Tom Callaway 1.9.1-13 +- convert to systemd + +* Tue Sep 6 2011 Nalin Dahyabhai 1.9.1-12 +- pull in upstream patch for RT#6952, confusion following referrals for + cross-realm auth (#734341) +- pull in build-time deps for the tests + +* Thu Sep 1 2011 Nalin Dahyabhai 1.9.1-11 +- switch to the upstream patch for #727829 + +* Wed Aug 31 2011 Nalin Dahyabhai 1.9.1-10 +- handle an assertion failure that starts cropping up when the patch for + using poll (#701446) meets servers that aren't running KDCs or against + which the connection fails for other reasons (#727829, #734172) + +* Mon Aug 8 2011 Nalin Dahyabhai 1.9.1-9 +- override the default build rules to not delete temporary y.tab.c files, + so that they can be packaged, allowing debuginfo files which point to them + do so usefully (#729044) + +* Fri Jul 22 2011 Nalin Dahyabhai 1.9.1-8 +- build shared libraries with partial RELRO support (#723995) +- filter out potentially multiple instances of -Wl,-z,relro from krb5-config + output, now that it's in the buildroot's default LDFLAGS +- pull in a patch to fix losing track of the replay cache FD, from SVN by + way of Kevin Coffman + +* Wed Jul 20 2011 Nalin Dahyabhai 1.9.1-7 +- kadmind.init: drop the attempt to detect no-database-present errors (#723723), + which is too fragile in cases where the database has been manually moved or + is accessed through another kdb plugin + +* Tue Jul 19 2011 Nalin Dahyabhai 1.9.1-6 +- backport fixes to teach libkrb5 to use descriptors higher than FD_SETSIZE + to talk to a KDC by using poll() if it's detected at compile-time (#701446, + RT#6905) + +* Thu Jun 23 2011 Nalin Dahyabhai 1.9.1-5 +- pull a fix from SVN to try to avoid triggering a PTR lookup in getaddrinfo() + during krb5_sname_to_principal(), and to let getaddrinfo() decide whether or + not to ask for an IPv6 address based on the set of configured interfaces + (#717378, RT#6922) +- pull a fix from SVN to use AI_ADDRCONFIG more often (RT#6923) + +* Mon Jun 20 2011 Nalin Dahyabhai 1.9.1-4 +- apply upstream patch by way of Burt Holzman to fall back to a non-referral + method in cases where we might be derailed by a KDC that rejects the + canonicalize option (for example, those from the RHEL 2.1 or 3 era) (#715074) + +* Tue Jun 14 2011 Nalin Dahyabhai 1.9.1-3 +- pull a fix from SVN to get libgssrpc clients (e.g. kadmin) authenticating + using the old protocol over IPv4 again (RT#6920) + +* Tue Jun 14 2011 Nalin Dahyabhai +- incorporate a fix to teach the file labeling bits about when replay caches + are expunged (#576093) + +* Thu May 26 2011 Nalin Dahyabhai +- switch to the upstream patch for #707145 + +* Wed May 25 2011 Nalin Dahyabhai 1.9.1-2 +- klist: don't trip over referral entries when invoked with -s (#707145, + RT#6915) + +* Fri May 6 2011 Nalin Dahyabhai +- fixup URL in a comment +- when built with NSS, require 3.12.10 rather than 3.12.9 + +* Thu May 5 2011 Nalin Dahyabhai 1.9.1-1 +- update to 1.9.1: + - drop no-longer-needed patches for CVE-2010-4022, CVE-2011-0281, + CVE-2011-0282, CVE-2011-0283, CVE-2011-0284, CVE-2011-0285 + +* Wed Apr 13 2011 Nalin Dahyabhai 1.9-9 +- kadmind: add upstream patch to fix free() on an invalid pointer (#696343, + MITKRB5-SA-2011-004, CVE-2011-0285) + +* Mon Apr 4 2011 Nalin Dahyabhai +- don't discard the error code from an error message received in response + to a change-password request (#658871, RT#6893) + +* Fri Apr 1 2011 Nalin Dahyabhai +- override INSTALL_SETUID at build-time so that ksu is installed into + the buildroot with the right permissions (part of #225974) + +* Fri Mar 18 2011 Nalin Dahyabhai 1.9-8 +- backport change from SVN to fix a computed-value-not-used warning in + kpropd (#684065) + +* Tue Mar 15 2011 Nalin Dahyabhai 1.9-7 +- turn off NSS as the backend for libk5crypto for now to work around its + DES string2key not working (#679012) +- add revised upstream patch to fix double-free in KDC while returning + typed-data with errors (MITKRB5-SA-2011-003, CVE-2011-0284, #674325) + +* Thu Feb 17 2011 Nalin Dahyabhai +- throw in a not-applied-by-default patch to try to make pkinit debugging + into a run-time boolean option named "pkinit_debug" + +* Wed Feb 16 2011 Nalin Dahyabhai 1.9-6 +- turn on NSS as the backend for libk5crypto, adding nss-devel as a build + dependency when that switch is flipped + +* Wed Feb 9 2011 Nalin Dahyabhai 1.9-5 +- krb5kdc init script: prototype some changes to do a quick spot-check + of the TGS and kadmind keys and warn if there aren't any non-weak keys + on file for them (to flush out parts of #651466) + +* Tue Feb 8 2011 Nalin Dahyabhai 1.9-4 +- add upstream patches to fix standalone kpropd exiting if the per-client + child process exits with an error (MITKRB5-SA-2011-001), a hang or crash + in the KDC when using the LDAP kdb backend, and an uninitialized pointer + use in the KDC (MITKRB5-SA-2011-002) (CVE-2010-4022, #664009, + CVE-2011-0281, #668719, CVE-2011-0282, #668726, CVE-2011-0283, #676126) + +* Mon Feb 07 2011 Fedora Release Engineering - 1.9-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Mon Feb 7 2011 Nalin Dahyabhai +- fix a compile error in the SELinux labeling patch when -DDEBUG is used (Sumit + Bose) + +* Tue Feb 1 2011 Nalin Dahyabhai +- properly advertise that the kpropd init script now supports force-reload + (Zbysek Mraz, #630587) + +* Wed Jan 26 2011 Nalin Dahyabhai 1.9-2 +- pkinit: when verifying signed data, use the CMS APIs for better + interoperability (#636985, RT#6851) + +* Wed Dec 22 2010 Nalin Dahyabhai 1.9-1 +- update to 1.9 final + +* Mon Dec 20 2010 Nalin Dahyabhai 1.9-0.beta3.1 +- fix link flags and permissions on shared libraries (ausil) + +* Thu Dec 16 2010 Nalin Dahyabhai 1.9-0.beta3.0 +- update to 1.9 beta 3 + +* Mon Dec 6 2010 Nalin Dahyabhai 1.9-0.beta2.0 +- update to 1.9 beta 2 + +* Tue Nov 9 2010 Nalin Dahyabhai 1.9-0.beta1.1 +- drop not-needed-since-1.8 build dependency on rsh (ssorce) + +* Fri Nov 5 2010 Nalin Dahyabhai 1.9-0.beta1.0 +- start moving to 1.9 with beta 1 + - drop patches for RT#5755, RT#6762, RT#6774, RT#6775 + - drop no-longer-needed backport patch for #539423 + - drop no-longer-needed patch for CVE-2010-1322 +- if WITH_NSS is set, built with --with-crypto-impl=nss (requires NSS 3.12.9) + +* Tue Oct 5 2010 Nalin Dahyabhai 1.8.3-8 +- incorporate upstream patch to fix uninitialized pointer crash in the KDC's + authorization data handling (CVE-2010-1322, #636335) + +* Mon Oct 4 2010 Nalin Dahyabhai 1.8.3-7 +- rebuild + +* Mon Oct 4 2010 Nalin Dahyabhai 1.8.3-6 +- pull down patches from trunk to implement k5login_authoritative and + k5login_directory settings for krb5.conf (#539423) + +* Wed Sep 29 2010 jkeating - 1.8.3-5 +- Rebuilt for gcc bug 634757 + +* Wed Sep 15 2010 Nalin Dahyabhai 1.8.3-4 +- fix reading of keyUsage extensions when attempting to select pkinit client + certs (part of #629022, RT#6775) +- fix selection of pkinit client certs when one or more don't include a + subjectAltName extension (part of #629022, RT#6774) + +* Fri Sep 3 2010 Nalin Dahyabhai 1.8.3-3 +- build with -fstack-protector-all instead of the default -fstack-protector, + so that we add checking to more functions (i.e., all of them) (#629950) +- also link binaries with -Wl,-z,relro,-z,now (part of #629950) + +* Tue Aug 24 2010 Nalin Dahyabhai 1.8.3-2 +- fix a logic bug in computing key expiration times (RT#6762, #627022) + +* Wed Aug 4 2010 Nalin Dahyabhai 1.8.3-1 +- update to 1.8.3 + - drop backports of fixes for gss context expiration and error table + registration/deregistration mismatch + - drop patch for upstream #6750 + +* Wed Jul 7 2010 Nalin Dahyabhai 1.8.2-3 +- tell krb5kdc and kadmind to create pid files, since they can +- add logrotate configuration files for krb5kdc and kadmind (#462658) +- fix parsing of the pidfile option in the KDC (upstream #6750) + +* Mon Jun 21 2010 Nalin Dahyabhai 1.8.2-2 +- libgssapi: pull in patch from svn to stop returning context-expired errors + when the ticket which was used to set up the context expires (#605366, + upstream #6739) + +* Mon Jun 21 2010 Nalin Dahyabhai +- pull up fix for upstream #6745, in which the gssapi library would add the + wrong error table but subsequently attempt to unload the right one + +* Thu Jun 10 2010 Nalin Dahyabhai 1.8.2-1 +- update to 1.8.2 + - drop patches for CVE-2010-1320, CVE-2010-1321 + +* Tue Jun 1 2010 Nalin Dahyabhai 1.8.1-7 +- rebuild + +* Thu May 27 2010 Nalin Dahyabhai +- ksu: move session management calls to before we drop privileges, like + su does (#596887), and don't skip the PAM account check for root or the + same user (more of #540769) + +* Mon May 24 2010 Nalin Dahyabhai 1.8.1-6 +- make krb5-server-ldap also depend on the same version-release of krb5-libs, + as the other subpackages do, if only to make it clearer than it is when we + just do it through krb5-server +- drop explicit linking with libtinfo for applications that use libss, now + that readline itself links with libtinfo (as of readline-5.2-3, since + fedora 7 or so) +- go back to building without strict aliasing (compiler warnings in gssrpc) + +* Tue May 18 2010 Nalin Dahyabhai 1.8.1-5 +- add patch to correct GSSAPI library null pointer dereference which could be + triggered by malformed client requests (CVE-2010-1321, #582466) + +* Tue May 4 2010 Nalin Dahyabhai 1.8.1-4 +- fix output of kprop's init script's "status" and "reload" commands (#588222) + +* Tue Apr 20 2010 Nalin Dahyabhai 1.8.1-3 +- incorporate patch to fix double-free in the KDC (CVE-2010-1320, #581922) + +* Wed Apr 14 2010 Nalin Dahyabhai 1.8.1-2 +- fix a typo in kerberos.ldif + +* Fri Apr 9 2010 Nalin Dahyabhai 1.8.1-1 +- update to 1.8.1 + - no longer need patches for #555875, #561174, #563431, RT#6661, CVE-2010-0628 +- replace buildrequires on tetex-latex with one on texlive-latex, which is + the package that provides it now + +* Thu Apr 8 2010 Nalin Dahyabhai +- kdc.conf: no more need to suggest a v4 mode, or listening on the v4 port + +* Thu Apr 8 2010 Nalin Dahyabhai +- drop patch to suppress key expiration warnings sent from the KDC in + the last-req field, as the KDC is expected to just be configured to either + send them or not as a particular key approaches expiration (#556495) + +* Tue Mar 23 2010 Nalin Dahyabhai - 1.8-5 +- add upstream fix for denial-of-service in SPNEGO (CVE-2010-0628, #576325) +- kdc.conf: no more need to suggest keeping keys with v4-compatible salting + +* Fri Mar 19 2010 Nalin Dahyabhai - 1.8-4 +- remove the krb5-appl bits (the -workstation-clients and -workstation-servers + subpackages) now that krb5-appl is its own package +- replace our patch for #563431 (kpasswd doesn't fall back to guessing your + principal name using your user name if you don't have a ccache) with the + one upstream uses + +* Fri Mar 12 2010 Nalin Dahyabhai - 1.8-3 +- add documentation for the ticket_lifetime option (#561174) + +* Mon Mar 8 2010 Nalin Dahyabhai - 1.8-2 +- pull up patch to get the client libraries to correctly perform password + changes over IPv6 (Sumit Bose, RT#6661) + +* Fri Mar 5 2010 Nalin Dahyabhai - 1.8-1 +- update to 1.8 + - temporarily bundling the krb5-appl package (split upstream as of 1.8) + until its package review is complete + - profile.d scriptlets are now only needed by -workstation-clients + - adjust paths in init scripts + - drop upstreamed fix for KDC denial of service (CVE-2010-0283) + - drop patch to check the user's password correctly using crypt(), which + isn't a code path we hit when we're using PAM + +* Wed Mar 3 2010 Nalin Dahyabhai - 1.7.1-6 +- fix a null pointer dereference and crash introduced in our PAM patch that + would happen if ftpd was given the name of a user who wasn't known to the + local system, limited to being triggerable by gssapi-authenticated clients by + the default xinetd config (Olivier Fourdan, #569472) + +* Tue Mar 2 2010 Nalin Dahyabhai - 1.7.1-5 +- fix a regression (not labeling a kdb database lock file correctly, #569902) + +* Thu Feb 25 2010 Nalin Dahyabhai - 1.7.1-4 +- move the package changelog to the end to match the usual style (jdennis) +- scrub out references to RPM_SOURCE_DIR (jdennis) +- include a symlink to the readme with the name LICENSE so that people can + find it more easily (jdennis) + +* Wed Feb 17 2010 Nalin Dahyabhai - 1.7.1-3 +- pull up the change to make kpasswd's behavior better match the docs + when there's no ccache (#563431) + +* Tue Feb 16 2010 Nalin Dahyabhai - 1.7.1-2 +- apply patch from upstream to fix KDC denial of service (CVE-2010-0283, + #566002) + +* Wed Feb 3 2010 Nalin Dahyabhai - 1.7.1-1 +- update to 1.7.1 + - don't trip AD lockout on wrong password (#542687, #554351) + - incorporates fixes for CVE-2009-4212 and CVE-2009-3295 + - fixes gss_krb5_copy_ccache() when SPNEGO is used +- move sim_client/sim_server, gss-client/gss-server, uuclient/uuserver to + the devel subpackage, better lining up with the expected krb5/krb5-appl + split in 1.8 +- drop kvno,kadmin,k5srvutil,ktutil from -workstation-servers, as it already + depends on -workstation which also includes them + +* Mon Jan 25 2010 Nalin Dahyabhai - 1.7-23 +- tighten up default permissions on kdc.conf and kadm5.acl (#558343) + +* Fri Jan 22 2010 Nalin Dahyabhai - 1.7-22 +- use portreserve correctly -- portrelease takes the basename of the file + whose entries should be released, so we need three files, not one + +* Mon Jan 18 2010 Nalin Dahyabhai - 1.7-21 +- suppress warnings of impending password expiration if expiration is more than + seven days away when the KDC reports it via the last-req field, just as we + already do when it reports expiration via the key-expiration field (#556495) +- link with libtinfo rather than libncurses, when we can, in future RHEL + +* Fri Jan 15 2010 Nalin Dahyabhai - 1.7-20 +- krb5_get_init_creds_password: check opte->flags instead of options->flags + when checking whether or not we get to use the prompter callback (#555875) + +* Thu Jan 14 2010 Nalin Dahyabhai - 1.7-19 +- use portreserve to make sure the KDC can always bind to the kerberos-iv + port, kpropd can always bind to the krb5_prop port, and that kadmind can + always bind to the kerberos-adm port (#555279) +- correct inadvertent use of macros in the changelog (rpmlint) + +* Tue Jan 12 2010 Nalin Dahyabhai - 1.7-18 +- add upstream patch for integer underflow during AES and RC4 decryption + (CVE-2009-4212), via Tom Yu (#545015) + +* Wed Jan 6 2010 Nalin Dahyabhai - 1.7-17 +- put the conditional back for the -devel subpackage +- back down to the earlier version of the patch for #551764; the backported + alternate version was incomplete + +* Tue Jan 5 2010 Nalin Dahyabhai - 1.7-16 +- use %%global instead of %%define +- pull up proposed patch for creating previously-not-there lock files for + kdb databases when 'kdb5_util' is called to 'load' (#551764) + +* Mon Jan 4 2010 Dennis Gregorovic +- fix conditional for future RHEL + +* Mon Jan 4 2010 Nalin Dahyabhai - 1.7-15 +- add upstream patch for KDC crash during referral processing (CVE-2009-3295), + via Tom Yu (#545002) + +* Mon Dec 21 2009 Nalin Dahyabhai - 1.7-14 +- refresh patch for #542868 from trunk + +* Thu Dec 10 2009 Nalin Dahyabhai +- move man pages that live in the -libs subpackage into the regular + %%{_mandir} tree where they'll still be found if that package is the + only one installed (#529319) + +* Wed Dec 9 2009 Nalin Dahyabhai - 1.7-13 +- and put it back in + +* Tue Dec 8 2009 Nalin Dahyabhai +- back that last change out + +* Tue Dec 8 2009 Nalin Dahyabhai - 1.7-12 +- try to make gss_krb5_copy_ccache() work correctly for spnego (#542868) + +* Fri Dec 4 2009 Nalin Dahyabhai +- make krb5-config suppress CFLAGS output when called with --libs (#544391) + +* Thu Dec 3 2009 Nalin Dahyabhai - 1.7-11 +- ksu: move account management checks to before we drop privileges, like + su does (#540769) +- selinux: set the user part of file creation contexts to match the current + context instead of what we looked up +- configure with --enable-dns-for-realm instead of --enable-dns, which isn't + recognized any more + +* Fri Nov 20 2009 Nalin Dahyabhai - 1.7-10 +- move /etc/pam.d/ksu from krb5-workstation-servers to krb5-workstation, + where it's actually needed (#538703) + +* Fri Oct 23 2009 Nalin Dahyabhai - 1.7-9 +- add some conditional logic to simplify building on older Fedora releases + +* Tue Oct 13 2009 Nalin Dahyabhai +- don't forget the README + +* Mon Sep 14 2009 Nalin Dahyabhai - 1.7-8 +- specify the location of the subsystem lock when using the status() function + in the kadmind and kpropd init scripts, so that we get the right error when + we're dead but have a lock file - requires initscripts 8.99 (#521772) + +* Tue Sep 8 2009 Nalin Dahyabhai +- if the init script fails to start krb5kdc/kadmind/kpropd because it's already + running (according to status()), return 0 (part of #521772) + +* Mon Aug 24 2009 Nalin Dahyabhai - 1.7-7 +- work around a compile problem with new openssl + +* Fri Aug 21 2009 Tomas Mraz - 1.7-6 +- rebuilt with new openssl + +* Fri Jul 24 2009 Fedora Release Engineering - 1.7-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Jul 7 2009 Nalin Dahyabhai 1.7-5 +- rebuild to pick up the current forms of various patches + +* Mon Jul 6 2009 Nalin Dahyabhai +- simplify the man pages patch by only preprocessing the files we care about + and moving shared configure.in logic into a shared function +- catch the case of ftpd printing file sizes using %%i, when they might be + bigger than an int now + +* Tue Jun 30 2009 Nalin Dahyabhai 1.7-4 +- try to merge and clean up all the large file support for ftp and rcp + - ftpd no longer prints a negative length when sending a large file + from a 32-bit host + +* Tue Jun 30 2009 Nalin Dahyabhai +- pam_rhosts_auth.so's been gone, use pam_rhosts.so instead + +* Mon Jun 29 2009 Nalin Dahyabhai 1.7-3 +- switch buildrequires: and requires: on e2fsprogs-devel into + buildrequires: and requires: on libss-devel, libcom_err-devel, per + sandeen on fedora-devel-list + +* Fri Jun 26 2009 Nalin Dahyabhai +- fix a type mismatch in krb5_copy_error_message() +- ftp: fix some odd use of strlen() +- selinux labeling: use selabel_open() family of functions rather than + matchpathcon(), bail on it if attempting to get the mutex lock fails + +* Tue Jun 16 2009 Nalin Dahyabhai +- compile with %%{?_smp_mflags} (Steve Grubb) +- drop the bit where we munge part of the error table header, as it's not + needed any more + +* Fri Jun 5 2009 Nalin Dahyabhai 1.7-2 +- add and own %%{_libdir}/krb5/plugins/authdata + +* Thu Jun 4 2009 Nalin Dahyabhai 1.7-1 +- update to 1.7 + - no need to work around build issues with ASN1BUF_OMIT_INLINE_FUNCS + - configure recognizes --enable/--disable-pkinit now + - configure can take --disable-rpath now + - no more libdes425, krb524d, krb425.info + - kadmin/k5srvutil/ktutil are user commands now + - new kproplog + - FAST encrypted-challenge plugin is new +- drop static build logic +- drop pam_krb5-specific configuration from the default krb5.conf +- drop only-use-v5 flags being passed to various things started by xinetd +- put %%{krb5prefix}/sbin in everyone's path, too (#504525) + +* Tue May 19 2009 Nalin Dahyabhai 1.6.3-106 +- add an auth stack to ksu's PAM configuration so that pam_setcred() calls + won't just fail + +* Mon May 11 2009 Nalin Dahyabhai 1.6.3-105 +- make PAM support for ksu also set PAM_RUSER + +* Thu Apr 23 2009 Nalin Dahyabhai 1.6.3-104 +- extend PAM support to ksu: perform account and session management for the + target user +- pull up and merge James Leddy's changes to also set PAM_RHOST in PAM-aware + network-facing services + +* Tue Apr 21 2009 Nalin Dahyabhai 1.6.3-103 +- fix a typo in a ksu error message (Marek Mahut) +- "rev" works the way the test suite expects now, so don't disable tests + that use it + +* Mon Apr 20 2009 Nalin Dahyabhai 1.6.3-102 +- add LSB-style init script info + +* Fri Apr 17 2009 Nalin Dahyabhai +- explicitly run the pdf generation script using sh (part of #225974) + +* Tue Apr 7 2009 Nalin Dahyabhai 1.6.3-101 +- add patches for read overflow and null pointer dereference in the + implementation of the SPNEGO mechanism (CVE-2009-0844, CVE-2009-0845) +- add patch for attempt to free uninitialized pointer in libkrb5 + (CVE-2009-0846) +- add patch to fix length validation bug in libkrb5 (CVE-2009-0847) +- put the krb5-user .info file into just -workstation and not also + -workstation-clients + +* Mon Apr 6 2009 Nalin Dahyabhai 1.6.3-100 +- turn off krb4 support (it won't be part of the 1.7 release, but do it now) +- use triggeruns to properly shut down and disable krb524d when -server and + -workstation-servers gets upgraded, because it's gone now +- move the libraries to /%%{_lib}, but leave --libdir alone so that plugins + get installed and are searched for in the same locations (#473333) +- clean up buildprereq/prereqs, explicit mktemp requires, and add the + ldconfig for the -server-ldap subpackage (part of #225974) +- escape possible macros in the changelog (part of #225974) +- fixup summary texts (part of #225974) +- take the execute bit off of the protocol docs (part of #225974) +- unflag init scripts as configuration files (part of #225974) +- make the kpropd init script treat 'reload' as 'restart' (part of #225974) + +* Tue Mar 17 2009 Nalin Dahyabhai 1.6.3-19 +- libgssapi_krb5: backport fix for some errors which can occur when + we fail to set up the server half of a context (CVE-2009-0845) + +* Wed Feb 25 2009 Fedora Release Engineering - 1.6.3-18 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Fri Jan 16 2009 Nalin Dahyabhai 1.6.3-17 +- rebuild + +* Thu Sep 4 2008 Nalin Dahyabhai +- if we successfully change the user's password during an attempt to get + initial credentials, but then fail to get initial creds from a non-master + using the new password, retry against the master (#432334) + +* Tue Aug 5 2008 Tom "spot" Callaway 1.6.3-16 +- fix license tag + +* Wed Jul 16 2008 Nalin Dahyabhai +- clear fuzz out of patches, dropping a man page patch which is no longer + necessary +- quote %%{__cc} where needed because it includes whitespace now +- define ASN1BUF_OMIT_INLINE_FUNCS at compile-time (for now) to keep building + +* Fri Jul 11 2008 Nalin Dahyabhai 1.6.3-15 +- build with -fno-strict-aliasing, which is needed because the library + triggers these warnings +- don't forget to label principal database lock files +- fix the labeling patch so that it doesn't break bootstrapping + +* Sat Jun 14 2008 Tom "spot" Callaway 1.6.3-14 +- generate src/include/krb5/krb5.h before building +- fix conditional for sparcv9 + +* Wed Apr 16 2008 Nalin Dahyabhai 1.6.3-13 +- ftp: use the correct local filename during mget when the 'case' option is + enabled (#442713) + +* Fri Apr 4 2008 Nalin Dahyabhai 1.6.3-12 +- stop exporting kadmin keys to a keytab file when kadmind starts -- the + daemon's been able to use the database directly for a long long time now +- belatedly add aes128,aes256 to the default set of supported key types + +* Tue Apr 1 2008 Nalin Dahyabhai 1.6.3-11 +- libgssapi_krb5: properly export the acceptor subkey when creating a lucid + context (Kevin Coffman, via the nfs4 mailing list) + +* Tue Mar 18 2008 Nalin Dahyabhai 1.6.3-10 +- add fixes from MITKRB5-SA-2008-001 for use of null or dangling pointer + when v4 compatibility is enabled on the KDC (CVE-2008-0062, CVE-2008-0063, + #432620, #432621) +- add fixes from MITKRB5-SA-2008-002 for array out-of-bounds accesses when + high-numbered descriptors are used (CVE-2008-0947, #433596) +- add backport bug fix for an attempt to free non-heap memory in + libgssapi_krb5 (CVE-2007-5901, #415321) +- add backport bug fix for a double-free in out-of-memory situations in + libgssapi_krb5 (CVE-2007-5971, #415351) + +* Tue Mar 18 2008 Nalin Dahyabhai 1.6.3-9 +- rework file labeling patch to not depend on fragile preprocessor trickery, + in another attempt at fixing #428355 and friends + +* Tue Feb 26 2008 Nalin Dahyabhai 1.6.3-8 +- ftp: add patch to fix "runique on" case when globbing fixes applied +- stop adding a redundant but harmless call to initialize the gssapi internals + +* Mon Feb 25 2008 Nalin Dahyabhai +- add patch to suppress double-processing of /etc/krb5.conf when we build + with --sysconfdir=/etc, thereby suppressing double-logging (#231147) + +* Mon Feb 25 2008 Nalin Dahyabhai +- remove a patch, to fix problems with interfaces which are "up" but which + have no address assigned, which conflicted with a different fix for the same + problem in 1.5 (#200979) + +* Mon Feb 25 2008 Nalin Dahyabhai +- ftp: don't lose track of a descriptor on passive get when the server fails to + open a file + +* Mon Feb 25 2008 Nalin Dahyabhai +- in login, allow PAM to interact with the user when they've been strongly + authenticated +- in login, signal PAM when we're changing an expired password that it's an + expired password, so that when cracklib flags a password as being weak it's + treated as an error even if we're running as root + +* Mon Feb 18 2008 Nalin Dahyabhai 1.6.3-7 +- drop netdb patch +- kdb_ldap: add patch to treat 'nsAccountLock: true' as an indication that + the DISALLOW_ALL_TIX flag is set on an entry, for better interop with Fedora, + Netscape, Red Hat Directory Server (Simo Sorce) + +* Wed Feb 13 2008 Nalin Dahyabhai 1.6.3-6 +- patch to avoid depending on to define NI_MAXHOST and NI_MAXSERV + +* Tue Feb 12 2008 Nalin Dahyabhai 1.6.3-5 +- enable patch for key-expiration reporting +- enable patch to make kpasswd fall back to TCP if UDP fails (#251206) +- enable patch to make kpasswd use the right sequence number on retransmit +- enable patch to allow mech-specific creds delegated under spnego to be found + when searching for creds + +* Wed Jan 2 2008 Nalin Dahyabhai 1.6.3-4 +- some init script cleanups + - drop unquoted check and silent exit for "$NETWORKING" (#426852, #242502) + - krb524: don't barf on missing database if it looks like we're using kldap, + same as for kadmin + - return non-zero status for missing files which cause startup to + fail (#242502) + +* Tue Dec 18 2007 Nalin Dahyabhai 1.6.3-3 +- allocate space for the nul-terminator in the local pathname when looking up + a file context, and properly free a previous context (Jose Plans, #426085) + +* Wed Dec 5 2007 Nalin Dahyabhai 1.6.3-2 +- rebuild + +* Tue Oct 23 2007 Nalin Dahyabhai 1.6.3-1 +- update to 1.6.3, dropping now-integrated patches for CVE-2007-3999 + and CVE-2007-4000 (the new pkinit module is built conditionally and goes + into the -pkinit-openssl package, at least for now, to make a buildreq + loop with openssl avoidable) + +* Wed Oct 17 2007 Nalin Dahyabhai 1.6.2-10 +- make proper use of pam_loginuid and pam_selinux in rshd and ftpd + +* Fri Oct 12 2007 Nalin Dahyabhai +- make krb5.conf %%verify(not md5 size mtime) in addition to + %%config(noreplace), like /etc/nsswitch.conf (#329811) + +* Mon Oct 1 2007 Nalin Dahyabhai 1.6.2-9 +- apply the fix for CVE-2007-4000 instead of the experimental patch for + setting ok-as-delegate flags + +* Tue Sep 11 2007 Nalin Dahyabhai 1.6.2-8 +- move the db2 kdb plugin from -server to -libs, because a multilib libkdb + might need it + +* Tue Sep 11 2007 Nalin Dahyabhai 1.6.2-7 +- also perform PAM session and credential management when ftpd accepts a + client using strong authentication, missed earlier +- also label kadmind log files and files created by the db2 plugin + +* Thu Sep 6 2007 Nalin Dahyabhai 1.6.2-6 +- incorporate updated fix for CVE-2007-3999 (CVE-2007-4743) +- fix incorrect call to "test" in the kadmin init script (#252322,#287291) + +* Tue Sep 4 2007 Nalin Dahyabhai 1.6.2-5 +- incorporate fixes for MITKRB5-SA-2007-006 (CVE-2007-3999, CVE-2007-4000) + +* Sat Aug 25 2007 Nalin Dahyabhai 1.6.2-4 +- cover more cases in labeling files on creation +- add missing gawk build dependency + +* Thu Aug 23 2007 Nalin Dahyabhai 1.6.2-3 +- rebuild + +* Thu Jul 26 2007 Nalin Dahyabhai 1.6.2-2 +- kdc.conf: default to listening for TCP clients, too (#248415) + +* Thu Jul 19 2007 Nalin Dahyabhai 1.6.2-1 +- update to 1.6.2 +- add "buildrequires: texinfo-tex" to get texi2pdf + +* Wed Jun 27 2007 Nalin Dahyabhai 1.6.1-8 +- incorporate fixes for MITKRB5-SA-2007-004 (CVE-2007-2442,CVE-2007-2443) + and MITKRB5-SA-2007-005 (CVE-2007-2798) + +* Mon Jun 25 2007 Nalin Dahyabhai 1.6.1-7 +- reintroduce missing %%postun for the non-split_workstation case + +* Mon Jun 25 2007 Nalin Dahyabhai 1.6.1-6 +- rebuild + +* Mon Jun 25 2007 Nalin Dahyabhai 1.6.1-5.1 +- rebuild + +* Sun Jun 24 2007 Nalin Dahyabhai 1.6.1-5 +- add missing pam-devel build requirement, force selinux-or-fail build + +* Sun Jun 24 2007 Nalin Dahyabhai 1.6.1-4 +- rebuild + +* Sun Jun 24 2007 Nalin Dahyabhai 1.6.1-3 +- label all files at creation-time according to the SELinux policy (#228157) + +* Fri Jun 22 2007 Nalin Dahyabhai +- perform PAM account / session management in krshd (#182195,#195922) +- perform PAM authentication and account / session management in ftpd +- perform PAM authentication, account / session management, and password- + changing in login.krb5 (#182195,#195922) + +* Fri Jun 22 2007 Nalin Dahyabhai +- preprocess kerberos.ldif into a format FDS will like better, and include + that as a doc file as well + +* Fri Jun 22 2007 Nalin Dahyabhai +- switch man pages to being generated with the right paths in them +- drop old, incomplete SELinux patch +- add patch from Greg Hudson to make srvtab routines report missing-file errors + at same point that keytab routines do (#241805) + +* Thu May 24 2007 Nalin Dahyabhai 1.6.1-2 +- pull patch from svn to undo unintentional chattiness in ftp +- pull patch from svn to handle NULL krb5_get_init_creds_opt structures + better in a couple of places where they're expected + +* Wed May 23 2007 Nalin Dahyabhai 1.6.1-1 +- update to 1.6.1 + - drop no-longer-needed patches for CVE-2007-0956,CVE-2007-0957,CVE-2007-1216 + - drop patch for sendto bug in 1.6, fixed in 1.6.1 + +* Fri May 18 2007 Nalin Dahyabhai +- kadmind.init: don't fail outright if the default principal database + isn't there if it looks like we might be using the kldap plugin +- kadmind.init: attempt to extract the key for the host-specific kadmin + service when we try to create the keytab + +* Wed May 16 2007 Nalin Dahyabhai 1.6-6 +- omit dependent libraries from the krb5-config --libs output, as using + shared libraries (no more static libraries) makes them unnecessary and + they're not part of the libkrb5 interface (patch by Rex Dieter, #240220) + (strips out libkeyutils, libresolv, libdl) + +* Fri May 4 2007 Nalin Dahyabhai 1.6-5 +- pull in keyutils as a build requirement to get the "KEYRING:" ccache type, + because we've merged + +* Fri May 4 2007 Nalin Dahyabhai 1.6-4 +- fix an uninitialized length value which could cause a crash when parsing + key data coming from a directory server +- correct a typo in the krb5.conf man page ("ldap_server"->"ldap_servers") + +* Fri Apr 13 2007 Nalin Dahyabhai +- move the default acl_file, dict_file, and admin_keytab settings to + the part of the default/example kdc.conf where they'll actually have + an effect (#236417) + +* Thu Apr 5 2007 Nalin Dahyabhai 1.5-24 +- merge security fixes from RHSA-2007:0095 + +* Tue Apr 3 2007 Nalin Dahyabhai 1.6-3 +- add patch to correct unauthorized access via krb5-aware telnet + daemon (#229782, CVE-2007-0956) +- add patch to fix buffer overflow in krb5kdc and kadmind + (#231528, CVE-2007-0957) +- add patch to fix double-free in kadmind (#231537, CVE-2007-1216) + +* Thu Mar 22 2007 Nalin Dahyabhai +- back out buildrequires: keyutils-libs-devel for now + +* Thu Mar 22 2007 Nalin Dahyabhai 1.6-2 +- add buildrequires: on keyutils-libs-devel to enable use of keyring ccaches, + dragging keyutils-libs in as a dependency + +* Mon Mar 19 2007 Nalin Dahyabhai 1.5-23 +- fix bug ID in changelog + +* Thu Mar 15 2007 Nalin Dahyabhai 1.5-22 + +* Thu Mar 15 2007 Nalin Dahyabhai 1.5-21 +- add preliminary patch to fix buffer overflow in krb5kdc and kadmind + (#231528, CVE-2007-0957) +- add preliminary patch to fix double-free in kadmind (#231537, CVE-2007-1216) + +* Wed Feb 28 2007 Nalin Dahyabhai +- add patch to build semi-useful static libraries, but don't apply it unless + we need them + +* Tue Feb 27 2007 Nalin Dahyabhai - 1.5-20 +- temporarily back out %%post changes, fix for #143289 for security update +- add preliminary patch to correct unauthorized access via krb5-aware telnet + +* Mon Feb 19 2007 Nalin Dahyabhai +- make profile.d scriptlets mode 644 instead of 755 (part of #225974) + +* Tue Jan 30 2007 Nalin Dahyabhai 1.6-1 +- clean up quoting of command-line arguments passed to the krsh/krlogin + wrapper scripts + +* Mon Jan 22 2007 Nalin Dahyabhai +- initial update to 1.6, pre-package-reorg +- move workstation daemons to a new subpackage (#81836, #216356, #217301), and + make the new subpackage require xinetd (#211885) + +* Mon Jan 22 2007 Nalin Dahyabhai - 1.5-18 +- make use of install-info more failsafe (Ville Skyttä, #223704) +- preserve timestamps on shell scriptlets at %%install-time + +* Tue Jan 16 2007 Nalin Dahyabhai - 1.5-17 +- move to using pregenerated PDF docs to cure multilib conflicts (#222721) + +* Fri Jan 12 2007 Nalin Dahyabhai - 1.5-16 +- update backport of the preauth module interface (part of #194654) + +* Tue Jan 9 2007 Nalin Dahyabhai - 1.5-14 +- apply fixes from Tom Yu for MITKRB5-SA-2006-002 (CVE-2006-6143) (#218456) +- apply fixes from Tom Yu for MITKRB5-SA-2006-003 (CVE-2006-6144) (#218456) + +* Wed Dec 20 2006 Nalin Dahyabhai - 1.5-12 +- update backport of the preauth module interface + +* Mon Oct 30 2006 Nalin Dahyabhai +- update backport of the preauth module interface +- add proposed patches 4566, 4567 +- add proposed edata reporting interface for KDC +- add temporary placeholder for module global context fixes + +* Mon Oct 23 2006 Nalin Dahyabhai - 1.5-11 +- don't bail from the KDC init script if there's no database, it may be in + a different location than the default (fenlason) +- remove the [kdc] section from the default krb5.conf -- doesn't seem to have + been applicable for a while + +* Wed Oct 18 2006 Nalin Dahyabhai - 1.5-10 +- rename krb5.sh and krb5.csh so that they don't overlap (#210623) +- way-late application of added error info in kadmind.init (#65853) + +* Wed Oct 18 2006 Nalin Dahyabhai - 1.5-9.pal_18695 +- add backport of in-development preauth module interface (#208643) + +* Mon Oct 9 2006 Nalin Dahyabhai - 1.5-9 +- provide docs in PDF format instead of as tex source (Enrico Scholz, #209943) + +* Wed Oct 4 2006 Nalin Dahyabhai - 1.5-8 +- add missing shebang headers to krsh and krlogin wrapper scripts (#209238) + +* Wed Sep 6 2006 Nalin Dahyabhai - 1.5-7 +- set SS_LIB at configure-time so that libss-using apps get working readline + support (#197044) + +* Fri Aug 18 2006 Nalin Dahyabhai - 1.5-6 +- switch to the updated patch for MITKRB-SA-2006-001 + +* Tue Aug 8 2006 Nalin Dahyabhai - 1.5-5 +- apply patch to address MITKRB-SA-2006-001 (CVE-2006-3084) + +* Mon Aug 7 2006 Nalin Dahyabhai - 1.5-4 +- ensure that the gssapi library's been initialized before walking the + internal mechanism list in gss_release_oid(), needed if called from + gss_release_name() right after a gss_import_name() (#198092) + +* Tue Jul 25 2006 Nalin Dahyabhai - 1.5-3 +- rebuild + +* Tue Jul 25 2006 Nalin Dahyabhai - 1.5-2 +- pull up latest revision of patch to reduce lockups in rsh/rshd + +* Mon Jul 17 2006 Nalin Dahyabhai - 1.5-1.2 +- rebuild + +* Wed Jul 12 2006 Jesse Keating - 1.5-1.1 +- rebuild + +* Thu Jul 6 2006 Nalin Dahyabhai 1.5-1 +- build + +* Wed Jul 5 2006 Nalin Dahyabhai 1.5-0 +- update to 1.5 + +* Fri Jun 23 2006 Nalin Dahyabhai 1.4.3-9 +- mark profile.d config files noreplace (Laurent Rineau, #196447) + +* Thu Jun 8 2006 Nalin Dahyabhai 1.4.3-8 +- add buildprereq for autoconf + +* Mon May 22 2006 Nalin Dahyabhai 1.4.3-7 +- further munge krb5-config so that 'libdir=/usr/lib' is given even on 64-bit + architectures, to avoid multilib conflicts; other changes will conspire to + strip out the -L flag which uses this, so it should be harmless (#192692) + +* Fri Apr 28 2006 Nalin Dahyabhai 1.4.3-6 +- adjust the patch which removes the use of rpath to also produce a + krb5-config which is okay in multilib environments (#190118) +- make the name-of-the-tempfile comment which compile_et adds to error code + headers always list the same file to avoid conflicts on multilib installations +- strip SIZEOF_LONG out of krb5.h so that it doesn't conflict on multilib boxes +- strip GSS_SIZEOF_LONG out of gssapi.h so that it doesn't conflict on mulitlib + boxes + +* Fri Apr 14 2006 Stepan Kasal 1.4.3-5 +- Fix formatting typo in kinit.1 (krb5-kinit-man-typo.patch) + +* Fri Feb 10 2006 Jesse Keating 1.4.3-4.1 +- bump again for double-long bug on ppc(64) + +* Mon Feb 6 2006 Nalin Dahyabhai 1.4.3-4 +- give a little bit more information to the user when kinit gets the catch-all + I/O error (#180175) + +* Thu Jan 19 2006 Nalin Dahyabhai 1.4.3-3 +- rebuild properly when pthread_mutexattr_setrobust_np() is defined but not + declared, such as with recent glibc when _GNU_SOURCE isn't being used + +* Thu Jan 19 2006 Matthias Clasen 1.4.3-2 +- Use full paths in krb5.sh to avoid path lookups + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Thu Dec 1 2005 Nalin Dahyabhai +- login: don't truncate passwords before passing them into crypt(), in + case they're significant (#149476) + +* Thu Nov 17 2005 Nalin Dahyabhai 1.4.3-1 +- update to 1.4.3 +- make ksu setuid again (#137934, others) + +* Tue Sep 13 2005 Nalin Dahyabhai 1.4.2-4 +- mark %%{krb5prefix}/man so that files which are packaged within it are + flagged as %%doc (#168163) + +* Tue Sep 6 2005 Nalin Dahyabhai 1.4.2-3 +- add an xinetd configuration file for encryption-only telnetd, parallelling + the kshell/ekshell pair (#167535) + +* Wed Aug 31 2005 Nalin Dahyabhai 1.4.2-2 +- change the default configured encryption type for KDC databases to the + compiled-in default of des3-hmac-sha1 (#57847) + +* Thu Aug 11 2005 Nalin Dahyabhai 1.4.2-1 +- update to 1.4.2, incorporating the fixes for MIT-KRB5-SA-2005-002 and + MIT-KRB5-SA-2005-003 + +* Wed Jun 29 2005 Nalin Dahyabhai 1.4.1-6 +- rebuild + +* Wed Jun 29 2005 Nalin Dahyabhai 1.4.1-5 +- fix telnet client environment variable disclosure the same way NetKit's + telnet client did (CAN-2005-0488) (#159305) +- keep apps which call krb5_principal_compare() or krb5_realm_compare() with + malformed or NULL principal structures from crashing outright (Thomas Biege) + (#161475) + +* Tue Jun 28 2005 Nalin Dahyabhai +- apply fixes from draft of MIT-KRB5-SA-2005-002 (CAN-2005-1174,CAN-2005-1175) + (#157104) +- apply fixes from draft of MIT-KRB5-SA-2005-003 (CAN-2005-1689) (#159755) + +* Fri Jun 24 2005 Nalin Dahyabhai 1.4.1-4 +- fix double-close in keytab handling +- add port of fixes for CAN-2004-0175 to krb5-aware rcp (#151612) + +* Fri May 13 2005 Nalin Dahyabhai 1.4.1-3 +- prevent spurious EBADF in krshd when stdin is closed by the client while + the command is running (#151111) + +* Fri May 13 2005 Martin Stransky 1.4.1-2 +- add deadlock patch, removed old patch + +* Fri May 6 2005 Nalin Dahyabhai 1.4.1-1 +- update to 1.4.1, incorporating fixes for CAN-2005-0468 and CAN-2005-0469 +- when starting the KDC or kadmind, if KRB5REALM is set via the /etc/sysconfig + file for the service, pass it as an argument for the -r flag + +* Wed Mar 23 2005 Nalin Dahyabhai 1.4-3 +- drop krshd patch for now + +* Thu Mar 17 2005 Nalin Dahyabhai +- add draft fix from Tom Yu for slc_add_reply() buffer overflow (CAN-2005-0469) +- add draft fix from Tom Yu for env_opt_add() buffer overflow (CAN-2005-0468) + +* Wed Mar 16 2005 Nalin Dahyabhai 1.4-2 +- don't include into the telnet client when we're not using curses + +* Thu Feb 24 2005 Nalin Dahyabhai 1.4-1 +- update to 1.4 + - v1.4 kadmin client requires a v1.4 kadmind on the server, or use the "-O" + flag to specify that it should communicate with the server using the older + protocol + - new libkrb5support library + - v5passwdd and kadmind4 are gone + - versioned symbols +- pick up $KRB5KDC_ARGS from /etc/sysconfig/krb5kdc, if it exists, and pass + it on to krb5kdc +- pick up $KADMIND_ARGS from /etc/sysconfig/kadmin, if it exists, and pass + it on to kadmind +- pick up $KRB524D_ARGS from /etc/sysconfig/krb524, if it exists, and pass + it on to krb524d *instead of* "-m" +- set "forwardable" in [libdefaults] in the default krb5.conf to match the + default setting which we supply for pam_krb5 +- set a default of 24h for "ticket_lifetime" in [libdefaults], reflecting the + compiled-in default + +* Mon Dec 20 2004 Nalin Dahyabhai 1.3.6-3 +- rebuild + +* Mon Dec 20 2004 Nalin Dahyabhai 1.3.6-2 +- rebuild + +* Mon Dec 20 2004 Nalin Dahyabhai 1.3.6-1 +- update to 1.3.6, which includes the previous fix + +* Mon Dec 20 2004 Nalin Dahyabhai 1.3.5-8 +- apply fix from Tom Yu for MITKRB5-SA-2004-004 (CAN-2004-1189) + +* Fri Dec 17 2004 Martin Stransky 1.3.5-7 +- fix deadlock during file transfer via rsync/krsh +- thanks goes to James Antill for hint + +* Fri Nov 26 2004 Nalin Dahyabhai 1.3.5-6 +- rebuild + +* Mon Nov 22 2004 Nalin Dahyabhai 1.3.5-3 +- fix predictable-tempfile-name bug in krb5-send-pr (CAN-2004-0971, #140036) + +* Tue Nov 16 2004 Nalin Dahyabhai +- silence compiler warning in kprop by using an in-memory ccache with a fixed + name instead of an on-disk ccache with a name generated by tmpnam() + +* Tue Nov 16 2004 Nalin Dahyabhai 1.3.5-2 +- fix globbing patch port mode (#139075) + +* Mon Nov 1 2004 Nalin Dahyabhai 1.3.5-1 +- fix segfault in telnet due to incorrect checking of gethostbyname_r result + codes (#129059) + +* Fri Oct 15 2004 Nalin Dahyabhai +- remove rc4-hmac:norealm and rc4-hmac:onlyrealm from the default list of + supported keytypes in kdc.conf -- they produce exactly the same keys as + rc4-hmac:normal because rc4 string-to-key ignores salts +- nuke kdcrotate -- there are better ways to balance the load on KDCs, and + the SELinux policy for it would have been scary-looking +- update to 1.3.5, mainly to include MITKRB5SA 2004-002 and 2004-003 + +* Tue Aug 31 2004 Nalin Dahyabhai 1.3.4-7 +- rebuild + +* Tue Aug 24 2004 Nalin Dahyabhai 1.3.4-6 +- rebuild + +* Tue Aug 24 2004 Nalin Dahyabhai 1.3.4-5 +- incorporate revised fixes from Tom Yu for CAN-2004-0642, CAN-2004-0644, + CAN-2004-0772 + +* Mon Aug 23 2004 Nalin Dahyabhai 1.3.4-4 +- rebuild + +* Mon Aug 23 2004 Nalin Dahyabhai 1.3.4-3 +- incorporate fixes from Tom Yu for CAN-2004-0642, CAN-2004-0772 + (MITKRB5-SA-2004-002, #130732) +- incorporate fixes from Tom Yu for CAN-2004-0644 (MITKRB5-SA-2004-003, #130732) + +* Tue Jul 27 2004 Nalin Dahyabhai 1.3.4-2 +- fix indexing error in server sorting patch (#127336) + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Mon Jun 14 2004 Nalin Dahyabhai 1.3.4-0.1 +- update to 1.3.4 final + +* Mon Jun 7 2004 Nalin Dahyabhai 1.3.4-0 +- update to 1.3.4 beta1 +- remove MITKRB5-SA-2004-001, included in 1.3.4 + +* Mon Jun 7 2004 Nalin Dahyabhai 1.3.3-8 +- rebuild + +* Fri Jun 4 2004 Nalin Dahyabhai 1.3.3-7 +- rebuild + +* Fri Jun 4 2004 Nalin Dahyabhai 1.3.3-6 +- apply updated patch from MITKRB5-SA-2004-001 (revision 2004-06-02) + +* Tue Jun 1 2004 Nalin Dahyabhai 1.3.3-5 +- rebuild + +* Tue Jun 1 2004 Nalin Dahyabhai 1.3.3-4 +- apply patch from MITKRB5-SA-2004-001 (#125001) + +* Wed May 12 2004 Thomas Woerner 1.3.3-3 +- removed rpath + +* Thu Apr 15 2004 Nalin Dahyabhai 1.3.3-2 +- re-enable large file support, fell out in 1.3-1 +- patch rcp to use long long and %%lld format specifiers when reporting file + sizes on large files + +* Tue Apr 13 2004 Nalin Dahyabhai 1.3.3-1 +- update to 1.3.3 + +* Wed Mar 10 2004 Nalin Dahyabhai 1.3.2-1 +- update to 1.3.2 + +* Mon Mar 8 2004 Nalin Dahyabhai 1.3.1-12 +- rebuild + +* Tue Mar 02 2004 Elliot Lee 1.3.1-11.1 +- rebuilt + +* Fri Feb 13 2004 Elliot Lee 1.3.1-11 +- rebuilt + +* Mon Feb 9 2004 Nalin Dahyabhai 1.3.1-10 +- catch krb4 send_to_kdc cases in kdc preference patch + +* Mon Feb 2 2004 Nalin Dahyabhai 1.3.1-9 +- remove patch to set TERM in klogind which, combined with the upstream fix in + 1.3.1, actually produces the bug now (#114762) + +* Mon Jan 19 2004 Nalin Dahyabhai 1.3.1-8 +- when iterating over lists of interfaces which are "up" from getifaddrs(), + skip over those which have no address (#113347) + +* Mon Jan 12 2004 Nalin Dahyabhai +- prefer the kdc which last replied to a request when sending requests to kdcs + +* Mon Nov 24 2003 Nalin Dahyabhai 1.3.1-7 +- fix combination of --with-netlib and --enable-dns (#82176) + +* Tue Nov 18 2003 Nalin Dahyabhai +- remove libdefault ticket_lifetime option from the default krb5.conf, it is + ignored by libkrb5 + +* Thu Sep 25 2003 Nalin Dahyabhai 1.3.1-6 +- fix bug in patch to make rlogind start login with a clean environment a la + netkit rlogin, spotted and fixed by Scott McClung + +* Tue Sep 23 2003 Nalin Dahyabhai 1.3.1-5 +- include profile.d scriptlets in krb5-devel so that krb5-config will be in + the path if krb5-workstation isn't installed, reported by Kir Kolyshkin + +* Mon Sep 8 2003 Nalin Dahyabhai +- add more etypes (arcfour) to the default enctype list in kdc.conf +- don't apply previous patch, refused upstream + +* Fri Sep 5 2003 Nalin Dahyabhai 1.3.1-4 +- fix 32/64-bit bug storing and retrieving the issue_date in v4 credentials + +* Wed Sep 3 2003 Dan Walsh 1.3.1-3 +- Don't check for write access on /etc/krb5.conf if SELinux + +* Tue Aug 26 2003 Nalin Dahyabhai 1.3.1-2 +- fixup some int/pointer varargs wackiness + +* Tue Aug 5 2003 Nalin Dahyabhai 1.3.1-1 +- rebuild + +* Mon Aug 4 2003 Nalin Dahyabhai 1.3.1-0 +- update to 1.3.1 + +* Thu Jul 24 2003 Nalin Dahyabhai 1.3-2 +- pull fix for non-compliant encoding of salt field in etype-info2 preauth + data from 1.3.1 beta 1, until 1.3.1 is released. + +* Mon Jul 21 2003 Nalin Dahyabhai 1.3-1 +- update to 1.3 + +* Mon Jul 7 2003 Nalin Dahyabhai 1.2.8-4 +- correctly use stdargs + +* Wed Jun 18 2003 Nalin Dahyabhai 1.3-0.beta.4 +- test update to 1.3 beta 4 +- ditch statglue build option +- krb5-devel requires e2fsprogs-devel, which now provides libss and libcom_err + +* Wed Jun 04 2003 Elliot Lee +- rebuilt + +* Wed May 21 2003 Jeremy Katz 1.2.8-2 +- gcc 3.3 doesn't implement varargs.h, include stdarg.h instead + +* Wed Apr 9 2003 Nalin Dahyabhai 1.2.8-1 +- update to 1.2.8 + +* Mon Mar 31 2003 Nalin Dahyabhai 1.2.7-14 +- fix double-free of enc_part2 in krb524d + +* Fri Mar 21 2003 Nalin Dahyabhai 1.2.7-13 +- update to latest patch kit for MITKRB5-SA-2003-004 + +* Wed Mar 19 2003 Nalin Dahyabhai 1.2.7-12 +- add patch included in MITKRB5-SA-2003-003 (CAN-2003-0028) + +* Mon Mar 17 2003 Nalin Dahyabhai 1.2.7-11 +- add patches from patchkit from MITKRB5-SA-2003-004 (CAN-2003-0138 and + CAN-2003-0139) + +* Thu Mar 6 2003 Nalin Dahyabhai 1.2.7-10 +- rebuild + +* Thu Mar 6 2003 Nalin Dahyabhai 1.2.7-9 +- fix buffer underrun in unparsing certain principals (CAN-2003-0082) + +* Tue Feb 4 2003 Nalin Dahyabhai 1.2.7-8 +- add patch to document the reject-bad-transited option in kdc.conf + +* Mon Feb 3 2003 Nalin Dahyabhai +- add patch to fix server-side crashes when principals have no + components (CAN-2003-0072) + +* Thu Jan 23 2003 Nalin Dahyabhai 1.2.7-7 +- add patch from Mark Cox for exploitable bugs in ftp client + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Wed Jan 15 2003 Nalin Dahyabhai 1.2.7-5 +- use PICFLAGS when building code from the ktany patch + +* Thu Jan 9 2003 Bill Nottingham 1.2.7-4 +- debloat + +* Tue Jan 7 2003 Jeremy Katz 1.2.7-3 +- include .so.* symlinks as well as .so.*.* + +* Mon Dec 9 2002 Jakub Jelinek 1.2.7-2 +- always #include to access errno, never do it directly +- enable LFS on a bunch of other 32-bit arches + +* Wed Dec 4 2002 Nalin Dahyabhai +- increase the maximum name length allowed by kuserok() to the higher value + used in development versions + +* Mon Dec 2 2002 Nalin Dahyabhai +- install src/krb524/README as README.krb524 in the -servers package, + includes information about converting for AFS principals + +* Fri Nov 15 2002 Nalin Dahyabhai 1.2.7-1 +- update to 1.2.7 +- disable use of tcl + +* Mon Nov 11 2002 Nalin Dahyabhai +- update to 1.2.7-beta2 (internal only, not for release), dropping dnsparse + and kadmind4 fixes + +* Wed Oct 23 2002 Nalin Dahyabhai 1.2.6-5 +- add patch for buffer overflow in kadmind4 (not used by default) + +* Fri Oct 11 2002 Nalin Dahyabhai 1.2.6-4 +- drop a hunk from the dnsparse patch which is actually redundant (thanks to + Tom Yu) + +* Wed Oct 9 2002 Nalin Dahyabhai 1.2.6-3 +- patch to handle truncated dns responses + +* Mon Oct 7 2002 Nalin Dahyabhai 1.2.6-2 +- remove hashless key types from the default kdc.conf, they're not supposed to + be there, noted by Sam Hartman on krbdev + +* Fri Sep 27 2002 Nalin Dahyabhai 1.2.6-1 +- update to 1.2.6 + +* Fri Sep 13 2002 Nalin Dahyabhai 1.2.5-7 +- use %%{_lib} for the sake of multilib systems + +* Fri Aug 2 2002 Nalin Dahyabhai 1.2.5-6 +- add patch from Tom Yu for exploitable bugs in rpc code used in kadmind + +* Tue Jul 23 2002 Nalin Dahyabhai 1.2.5-5 +- fix bug in krb5.csh which would cause the path check to always succeed + +* Fri Jul 19 2002 Jakub Jelinek 1.2.5-4 +- build even libdb.a with -fPIC and $RPM_OPT_FLAGS. + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Sun May 26 2002 Tim Powers +- automated rebuild + +* Wed May 1 2002 Nalin Dahyabhai 1.2.5-1 +- update to 1.2.5 +- disable statglue + +* Fri Mar 1 2002 Nalin Dahyabhai 1.2.4-1 +- update to 1.2.4 + +* Wed Feb 20 2002 Nalin Dahyabhai 1.2.3-5 +- rebuild in new environment +- reenable statglue + +* Sat Jan 26 2002 Florian La Roche +- prereq chkconfig for the server subpackage + +* Wed Jan 16 2002 Nalin Dahyabhai 1.2.3-3 +- build without -g3, which gives us large static libraries in -devel + +* Tue Jan 15 2002 Nalin Dahyabhai 1.2.3-2 +- reintroduce ld.so.conf munging in the -libs %%post + +* Thu Jan 10 2002 Nalin Dahyabhai 1.2.3-1 +- rename the krb5 package back to krb5-libs; the previous rename caused + something of an uproar +- update to 1.2.3, which includes the FTP and telnetd fixes +- configure without --enable-dns-for-kdc --enable-dns-for-realm, which now set + the default behavior instead of enabling the feature (the feature is enabled + by --enable-dns, which we still use) +- reenable optimizations on Alpha +- support more encryption types in the default kdc.conf (heads-up from post + to comp.protocols.kerberos by Jason Heiss) + +* Fri Aug 3 2001 Nalin Dahyabhai 1.2.2-14 +- rename the krb5-libs package to krb5 (naming a subpackage -libs when there + is no main package is silly) +- move defaults for PAM to the appdefaults section of krb5.conf -- this is + the area where the krb5_appdefault_* functions look for settings) +- disable statglue (warning: breaks binary compatibility with previous + packages, but has to be broken at some point to work correctly with + unpatched versions built with newer versions of glibc) + +* Fri Aug 3 2001 Nalin Dahyabhai 1.2.2-13 +- bump release number and rebuild + +* Wed Aug 1 2001 Nalin Dahyabhai +- add patch to fix telnetd vulnerability + +* Fri Jul 20 2001 Nalin Dahyabhai +- tweak statglue.c to fix stat/stat64 aliasing problems +- be cleaner in use of gcc to build shlibs + +* Wed Jul 11 2001 Nalin Dahyabhai +- use gcc to build shared libraries + +* Wed Jun 27 2001 Nalin Dahyabhai +- add patch to support "ANY" keytab type (i.e., + "default_keytab_name = ANY:FILE:/etc/krb5.keytab,SRVTAB:/etc/srvtab" + patch from Gerald Britton, #42551) +- build with -D_FILE_OFFSET_BITS=64 to get large file I/O in ftpd (#30697) +- patch ftpd to use long long and %%lld format specifiers to support the SIZE + command on large files (also #30697) +- don't use LOG_AUTH as an option value when calling openlog() in ksu (#45965) +- implement reload in krb5kdc and kadmind init scripts (#41911) +- lose the krb5server init script (not using it any more) + +* Sun Jun 24 2001 Elliot Lee +- Bump release + rebuild. + +* Tue May 29 2001 Nalin Dahyabhai +- pass some structures by address instead of on the stack in krb5kdc + +* Tue May 22 2001 Nalin Dahyabhai +- rebuild in new environment + +* Thu Apr 26 2001 Nalin Dahyabhai +- add patch from Tom Yu to fix ftpd overflows (#37731) + +* Wed Apr 18 2001 Than Ngo +- disable optimizations on the alpha again + +* Fri Mar 30 2001 Nalin Dahyabhai +- add in glue code to make sure that libkrb5 continues to provide a + weak copy of stat() + +* Thu Mar 15 2001 Nalin Dahyabhai +- build alpha with -O0 for now + +* Thu Mar 8 2001 Nalin Dahyabhai +- fix the kpropd init script + +* Mon Mar 5 2001 Nalin Dahyabhai +- update to 1.2.2, which fixes some bugs relating to empty ETYPE-INFO +- re-enable optimization on Alpha + +* Thu Feb 8 2001 Nalin Dahyabhai +- build alpha with -O0 for now +- own %%{_var}/kerberos + +* Tue Feb 6 2001 Nalin Dahyabhai +- own the directories which are created for each package (#26342) + +* Tue Jan 23 2001 Nalin Dahyabhai +- gettextize init scripts + +* Fri Jan 19 2001 Nalin Dahyabhai +- add some comments to the ksu patches for the curious +- re-enable optimization on alphas + +* Mon Jan 15 2001 Nalin Dahyabhai +- fix krb5-send-pr (#18932) and move it from -server to -workstation +- buildprereq libtermcap-devel +- temporariliy disable optimization on alphas +- gettextize init scripts + +* Tue Dec 5 2000 Nalin Dahyabhai +- force -fPIC + +* Fri Dec 1 2000 Nalin Dahyabhai +- rebuild in new environment + +* Tue Oct 31 2000 Nalin Dahyabhai +- add bison as a BuildPrereq (#20091) + +* Mon Oct 30 2000 Nalin Dahyabhai +- change /usr/dict/words to /usr/share/dict/words in default kdc.conf (#20000) + +* Thu Oct 5 2000 Nalin Dahyabhai +- apply kpasswd bug fixes from David Wragg + +* Wed Oct 4 2000 Nalin Dahyabhai +- make krb5-libs obsolete the old krb5-configs package (#18351) +- don't quit from the kpropd init script if there's no principal database so + that you can propagate the first time without running kpropd manually +- don't complain if /etc/ld.so.conf doesn't exist in the -libs %%post + +* Tue Sep 12 2000 Nalin Dahyabhai +- fix credential forwarding problem in klogind (goof in KRB5CCNAME handling) + (#11588) +- fix heap corruption bug in FTP client (#14301) + +* Wed Aug 16 2000 Nalin Dahyabhai +- fix summaries and descriptions +- switched the default transfer protocol from PORT to PASV as proposed on + bugzilla (#16134), and to match the regular ftp package's behavior + +* Wed Jul 19 2000 Jeff Johnson +- rebuild to compress man pages. + +* Sat Jul 15 2000 Bill Nottingham +- move initscript back + +* Fri Jul 14 2000 Nalin Dahyabhai +- disable servers by default to keep linuxconf from thinking they need to be + started when they don't + +* Thu Jul 13 2000 Prospector +- automatic rebuild + +* Mon Jul 10 2000 Nalin Dahyabhai +- change cleanup code in post to not tickle chkconfig +- add grep as a Prereq: for -libs + +* Thu Jul 6 2000 Nalin Dahyabhai +- move condrestarts to postun +- make xinetd configs noreplace +- add descriptions to xinetd configs +- add /etc/init.d as a prereq for the -server package +- patch to properly truncate $TERM in krlogind + +* Fri Jun 30 2000 Nalin Dahyabhai +- update to 1.2.1 +- back out Tom Yu's patch, which is a big chunk of the 1.2 -> 1.2.1 update +- start using the official source tarball instead of its contents + +* Thu Jun 29 2000 Nalin Dahyabhai +- Tom Yu's patch to fix compatibility between 1.2 kadmin and 1.1.1 kadmind +- pull out 6.2 options in the spec file (sonames changing in 1.2 means it's not + compatible with other stuff in 6.2, so no need) + +* Wed Jun 28 2000 Nalin Dahyabhai +- tweak graceful start/stop logic in post and preun + +* Mon Jun 26 2000 Nalin Dahyabhai +- update to the 1.2 release +- ditch a lot of our patches which went upstream +- enable use of DNS to look up things at build-time +- disable use of DNS to look up things at run-time in default krb5.conf +- change ownership of the convert-config-files script to root.root +- compress PS docs +- fix some typos in the kinit man page +- run condrestart in server post, and shut down in preun + +* Mon Jun 19 2000 Nalin Dahyabhai +- only remove old krb5server init script links if the init script is there + +* Sat Jun 17 2000 Nalin Dahyabhai +- disable kshell and eklogin by default + +* Thu Jun 15 2000 Nalin Dahyabhai +- patch mkdir/rmdir problem in ftpcmd.y +- add condrestart option to init script +- split the server init script into three pieces and add one for kpropd + +* Wed Jun 14 2000 Nalin Dahyabhai +- make sure workstation servers are all disabled by default +- clean up krb5server init script + +* Fri Jun 9 2000 Nalin Dahyabhai +- apply second set of buffer overflow fixes from Tom Yu +- fix from Dirk Husung for a bug in buffer cleanups in the test suite +- work around possibly broken rev binary in running test suite +- move default realm configs from /var/kerberos to %%{_var}/kerberos + +* Tue Jun 6 2000 Nalin Dahyabhai +- make ksu and v4rcp owned by root + +* Sat Jun 3 2000 Nalin Dahyabhai +- use %%{_infodir} to better comply with FHS +- move .so files to -devel subpackage +- tweak xinetd config files (bugs #11833, #11835, #11836, #11840) +- fix package descriptions again + +* Wed May 24 2000 Nalin Dahyabhai +- change a LINE_MAX to 1024, fix from Ken Raeburn +- add fix for login vulnerability in case anyone rebuilds without krb4 compat +- add tweaks for byte-swapping macros in krb.h, also from Ken +- add xinetd config files +- make rsh and rlogin quieter +- build with debug to fix credential forwarding +- add rsh as a build-time req because the configure scripts look for it to + determine paths + +* Wed May 17 2000 Nalin Dahyabhai +- fix config_subpackage logic + +* Tue May 16 2000 Nalin Dahyabhai +- remove setuid bit on v4rcp and ksu in case the checks previously added + don't close all of the problems in ksu +- apply patches from Jeffrey Schiller to fix overruns Chris Evans found +- reintroduce configs subpackage for use in the errata +- add PreReq: sh-utils + +* Mon May 15 2000 Nalin Dahyabhai +- fix double-free in the kdc (patch merged into MIT tree) +- include convert-config-files script as a documentation file + +* Wed May 03 2000 Nalin Dahyabhai +- patch ksu man page because the -C option never works +- add access() checks and disable debug mode in ksu +- modify default ksu build arguments to specify more directories in CMD_PATH + and to use getusershell() + +* Wed May 03 2000 Bill Nottingham +- fix configure stuff for ia64 + +* Mon Apr 10 2000 Nalin Dahyabhai +- add LDCOMBINE=-lc to configure invocation to use libc versioning (bug #10653) +- change Requires: for/in subpackages to include %%{version} + +* Wed Apr 05 2000 Nalin Dahyabhai +- add man pages for kerberos(1), kvno(1), .k5login(5) +- add kvno to -workstation + +* Mon Apr 03 2000 Nalin Dahyabhai +- Merge krb5-configs back into krb5-libs. The krb5.conf file is marked as + a %%config file anyway. +- Make krb5.conf a noreplace config file. + +* Thu Mar 30 2000 Nalin Dahyabhai +- Make klogind pass a clean environment to children, like NetKit's rlogind does. + +* Wed Mar 08 2000 Nalin Dahyabhai +- Don't enable the server by default. +- Compress info pages. +- Add defaults for the PAM module to krb5.conf + +* Mon Mar 06 2000 Nalin Dahyabhai +- Correct copyright: it's exportable now, provided the proper paperwork is + filed with the government. + +* Fri Mar 03 2000 Nalin Dahyabhai +- apply Mike Friedman's patch to fix format string problems +- don't strip off argv[0] when invoking regular rsh/rlogin + +* Thu Mar 02 2000 Nalin Dahyabhai +- run kadmin.local correctly at startup + +* Mon Feb 28 2000 Nalin Dahyabhai +- pass absolute path to kadm5.keytab if/when extracting keys at startup + +* Sat Feb 19 2000 Nalin Dahyabhai +- fix info page insertions + +* Wed Feb 9 2000 Nalin Dahyabhai +- tweak server init script to automatically extract kadm5 keys if + /var/kerberos/krb5kdc/kadm5.keytab doesn't exist yet +- adjust package descriptions + +* Thu Feb 3 2000 Nalin Dahyabhai +- fix for potentially gzipped man pages + +* Fri Jan 21 2000 Nalin Dahyabhai +- fix comments in krb5-configs + +* Fri Jan 7 2000 Nalin Dahyabhai +- move /usr/kerberos/bin to end of PATH + +* Tue Dec 28 1999 Nalin Dahyabhai +- install kadmin header files + +* Tue Dec 21 1999 Nalin Dahyabhai +- patch around TIOCGTLC defined on alpha and remove warnings from libpty.h +- add installation of info docs +- remove krb4 compat patch because it doesn't fix workstation-side servers + +* Mon Dec 20 1999 Nalin Dahyabhai +- remove hesiod dependency at build-time + +* Sun Dec 19 1999 Nalin Dahyabhai +- rebuild on 1.1.1 + +* Thu Oct 7 1999 Nalin Dahyabhai +- clean up init script for server, verify that it works [jlkatz] +- clean up rotation script so that rc likes it better +- add clean stanza + +* Mon Oct 4 1999 Nalin Dahyabhai +- backed out ncurses and makeshlib patches +- update for krb5-1.1 +- add KDC rotation to rc.boot, based on ideas from Michael's C version + +* Mon Sep 27 1999 Nalin Dahyabhai +- added -lncurses to telnet and telnetd makefiles + +* Mon Jul 5 1999 Nalin Dahyabhai +- added krb5.csh and krb5.sh to /etc/profile.d + +* Tue Jun 22 1999 Nalin Dahyabhai +- broke out configuration files + +* Mon Jun 14 1999 Nalin Dahyabhai +- fixed server package so that it works now + +* Sat May 15 1999 Nalin Dahyabhai +- started changelog (previous package from zedz.net) +- updated existing 1.0.5 RPM from Eos Linux to krb5 1.0.6 +- added --force to makeinfo commands to skip errors during build