Permalink
Switch branches/tags
Nothing to show
Commits on Jan 30, 2009
  1. Update kdb5_util purge_mkey's messaging behavior to be more informative.

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21843 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 30, 2009
  2. merge to trunk r21838; no conflicts; tested on mac, and partially tes…

    …ted on linux
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21839 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 30, 2009
  3. export krb5_dbe_lookup_mkey_aux

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21837 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 30, 2009
  4. Implemented kdb5_util purge_meys.

    Fixed a number of memleaks where the master key list was refetched.
    
    Modified the initial actkvno TL entry to set the act_time to 0 in case
    the kdc's clock is moved back after the initial entry is created.  This
    way the initial mkey will always be active.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21836 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 30, 2009
  5. merge to trunk r21834; no conflicts; tested on mac and linux

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21835 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 30, 2009
Commits on Jan 29, 2009
  1. When listing master key versions, if none of them appears to be active

    (can currently happen in certain time-warp cases), print a message to
    that effect and keep going with the listing.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21834 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  2. Support -n (dry-run) and -v (verbose) options for update_princ_encryp…

    …tion.
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21833 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  3. handle updating an activation time for a mkvno that already has one

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21832 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  4. report error if time string doesn't parse

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21831 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  5. Implement "kdb5_util update_princ_encryption".

    Duplicates glob-to-regexp code from libkadm5srv for now (noted in
    comments in both places).
    
    Updated kdb5_util.M for update_princ_encryption, and added
    placeholders for add_mkey, use_mkey, and list_mkeys.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21830 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  6. Unlock mutex for principal-iterator callback. (Bug still present for …

    …policies.)
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21829 dc483132-0cff-0310-8789-dd5450dbe970
    raeburn committed Jan 29, 2009
  7. Implement krb5_db_store_master_key_list.

    Make "kdb5_util stash" store the full master key list.
    Make "kdb5_util stash" use a preexisting stashed key if available.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21827 dc483132-0cff-0310-8789-dd5450dbe970
    ghudson committed Jan 29, 2009
  8. Fix an issue Ken noted with the kdb5_util dump -mkey_convert logic.

    Also tweaked the add_mkey code to call krb5_dbe_update_mkvno to update
    the mkvno stored in the K/M princ so the kadmin getprinc will output the
    right value.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21824 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 29, 2009
Commits on Jan 28, 2009
  1. svn merge -r21791:21820 svn+ssh://wfiveash@svn.mit.edu/krb5/trunk

    All conflicts resolved, everything builds.  Did a quick test, seems to
    work ok.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21822 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 28, 2009
  2. Add code to refetch master key list if the matching mkey to decrypt a

    princ isn't found on the current mkey list.  This is useful if the mkey
    princ has a new key but the running krb5kdc/kamind was started prior to
    that.
    
    Fix another issue related to nentries and krb5_db_get_principal() in
    kdb5_mkey.c.
    
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21821 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 28, 2009
  3. Make sure nentries == 1 after calling krb5_db_get_principal() in

    kdb5_mkey.c.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21817 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 28, 2009
  4. Fixed bad free logic in krb5_dbe_free_key_list which was causing krb5kdc

    to crash on exit when memory corruption detection is on.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21816 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 28, 2009
Commits on Jan 27, 2009
  1. Modified the ldap plugin so the mkvno slot in the krbprincipalkey

    attribute is used.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21811 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 27, 2009
  2. More review changes:

    If I use "kdb5_util dump -mkey_convert" after using the master key rollover
    support, does something reasonably sane happen?  E.g., process all the old
    keys properly, leave just one new master key value in the output database,
    reset the mkvno values attached to principals, etc.
    
        Done.  Note I may have to update the dump code to deal with the
        various mkey input options which I'll do in a follow on commit.
        Also note that I removed the locking around the krb5_db2_alloc and
        free functions.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21807 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 27, 2009
  3. More review changes:

    Have both LDAP and DB2 back ends been tried with Will's new code?  Looks
    like some default routines like kdb_def_get_mkey_list won't do anything; is
    that okay?
    
        Done but not tested.
    
    "XXX" comments in kdc/extern.h and elsewhere need to be looked into,
    obviously.
    
        Almost done (working on the mkey_convert issue).
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21806 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 27, 2009
Commits on Jan 26, 2009
  1. Revert an #include of <kdb.h> in kfree.c which stuck around after the

    code which needed it moved away.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21804 dc483132-0cff-0310-8789-dd5450dbe970
    ghudson committed Jan 26, 2009
  2. Bah, forgot to remove the -lkdb5 dependency in the kadm5clnt

    Makefile.in.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21803 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 26, 2009
  3. Restore krb5_free_key_data_contents() as it was in

    src/lib/kadm5/misc_free.c and rename the version of that function in
    kdb5.c to krb5_dbe_free_key_data_contents.  Eventually this needs to be
    consolidated somewhere.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21802 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 26, 2009
  4. Namespace-protect get_key_data_kvno.

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21800 dc483132-0cff-0310-8789-dd5450dbe970
    ghudson committed Jan 26, 2009
  5. Work to address some of Ken's review comments. This doesn't address all

    of his issues so there will be a follow up commit.
    
    The type krb5_keylist_node shouldn't go into krb5.hin, as it's not part of
    the library (or any other) public API.  Maybe k5-int.h as a catch-all, if
    there's not a more appropriate internal header?
    
        Done.
    
    Can we avoid moving krb5_free_key_data_contents, which deals with a data
    structure used only in the KDC-related libraries, into libkrb5 and
    k5-int.h?  (Exception: The libkrb5 asn.1 code does encode/decode the data
    structure and thus may allocate it.  But I think we can assume the same C
    runtime for kadm5srv/kdb and krb5 libs, so it's kind of okay.  And the
    asn.1 setup should be "modularized" at some point, so the ldap support can
    move out into the ldap kdb plugin.)  I think it can probably go into
    libkdb?
    
        Done.
    
    If possible, k5-int.h shouldn't include kdb.h, so updating kdb.h doesn't
    cause recompilation of (for example) all of the crypto library code.
    
        Done.
    
    After printing "master keys for principal", if enctype_to_string fails, we
    haven't set retval to the error code but use it anyways.  Later, asprintf
    isn't checked for failure.
    
        Done.
    
    Some cases of indentation not matching MIT style, in particular,
    continuation lines in function calls being indented four columns instead of
    indented to make function arguments line up.
    
        Done.
    
    krb5_dbe_lookup_mkvno, krb5_dbe_lookup_mkey_aux, krb5_dbe_lookup_actkvno
    need to verify lengths before decoding data.
    
        Done.
    
    kdb5_add_mkey should use the "zap" macro on key data instead of memset
    before directly freeing it; some compilers (one reference I found mentions
    the Microsoft C++ .NET compiler) may optimize away scribbles over storage
    about to be freed, leaving the values to be retained in core dumps or
    uninitialized heap allocations, and "zap" is intended to be where we dump
    any necessary hacks to defeat that.  Similarly for any other places where
    key data is stored (e.g., within tl_data).
    
        Done.
    
    krb5_dbe_update_actkvno (and probably elsewhere in our existing code): Note
    that failure in realloc (NULL return when size is nonzero) leaves the old
    storage un-freed.  So "x=realloc(x,sz)" is a good way to leak memory if
    reallocation fails, since you no longer have a handle on the orignial "x".
    
        Done.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21797 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 26, 2009
Commits on Jan 23, 2009
  1. Merge with head of trunk. Pulled in Ken's fix for db2 hash bug on

    filesystems whose record size is > 64K.  All make check tests pass on my
    Solaris test system using ZFS with recordsize=128K.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21791 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 23, 2009
Commits on Jan 22, 2009
  1. Change the name of the krb5_dbe_act_mkey_list function to

    krb5_dbe_act_key_list to indicate it is a generic function of use on any
    princ.  I also modified the process_tgs_req function to use the
    master_keylist and look up the proper mkey when decrypting the server
    key.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21777 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 22, 2009
  2. Fixed problem that was causing the src/tests/mkeystash_compat to fail.

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21772 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 22, 2009
Commits on Jan 21, 2009
  1. Modified krb5_db_fetch_mkey() to use the enctype in the stash file.

    After making this modification 917 dejagnu tests pass (did not see any
    failures on my Solaris test system).
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21771 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 21, 2009
  2. Merge with current head of trunk:

    svn merge -r21722:HEAD svn+ssh://wfiveash@svn.mit.edu/krb5/trunk
    
    Everything compiles.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21769 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 21, 2009
  3. Made a change to the code reading the mkey stash to use the enctype

    stored in the stash instead of overriding that with what is set in the
    gobal parameter.  This allows a stashed mkey's enctype to differ from
    the current mkey stored in the K/M princ.  I also updated
    krb5_def_fetch_mkey_list() to avoid a crash when trying to decrypt data
    encrypted with a des-cbc-crc key with a aes-128 key.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21767 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 21, 2009
Commits on Jan 20, 2009
  1. More bug fixes. There were several bugs in the existing new commands.

    At this point the add_mkey, use_mkey and list_mkeys commands appear to
    work generally.  I've noticed however that specifying a non-default
    enctype when using add_mkey and stashing the result (add_mkey -e
    aes128-cts-hmac-sha1-96 -s) causes problems when the new mkey is fetched
    from the stash file.  I'll fix this in another commit.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21765 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 20, 2009
Commits on Jan 16, 2009
  1. Fixed the kdb5_util list_mkeys command (wasn't printing mkey info).

    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21757 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 16, 2009
  2. Fixed several more places where type mismatches could cause corruption

    with the encoding/decoding of the new TL data types.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21756 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 16, 2009
  3. Fixed several bugs discovered during initial debugging of KDB

    creation.
    
    
    git-svn-id: svn://anonsvn.mit.edu/krb5/branches/mkey_migrate@21755 dc483132-0cff-0310-8789-dd5450dbe970
    wfiveash committed Jan 16, 2009