samba.git/source4/heimdal, branch talloc-2.3.2 Unnamed repository; edit this file 'description' to name the repository. Compile .l files (flex) with the waf rule at runtime 2020-08-07T03:23:44+00:00 Andrew Bartlett abartlet@samba.org 2020-05-27T09:31:43+00:00 c51c15144e3fbdd3ebed301a077c687e23882e09 Other parts of Samba already compile these directly. This makes these files compile with modern compiler warnings. The primary difference (other than being built with a newer flex) is the loss of the #include "config.h" but this is not used in the other .l files elsewehre and does not seem to matter on modern systems. The generated output from compile_et asn1_compile has not changed (so I think the hx509 case is safe). The mdssvc case just has changed file locations and line numbers. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Other parts of Samba already compile these directly.

This makes these files compile with modern compiler warnings.

The primary difference (other than being built with a newer
flex) is the loss of the #include "config.h" but
this is not used in the other .l files elsewehre and does not
seem to matter on modern systems.

The generated output from compile_et asn1_compile has not changed
(so I think the hx509 case is safe).

The mdssvc case just has changed file locations and line numbers.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
heimdal: Exclude more of plugin.c if HAVE_DLOPEN (which Samba unsets) is not set 2020-08-07T03:23:43+00:00 Andrew Bartlett abartlet@samba.org 2020-05-27T10:18:31+00:00 1663ada9751d35f10c92149801c5b209b0361ac1 This allows us to avoid warnings and errors due to unsued variables and functions. Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
This allows us to avoid warnings and errors due to unsued variables
and functions.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
heimdal: Use #ifdef HAVE_DLOPEN around function used by HAVE_DLOPEN 2020-08-07T03:23:43+00:00 Gary Lockyer gary@catalyst.net.nz 2017-09-25T00:58:10+00:00 1687813ec2d2609b2f9d65ef2917983d8f255af9 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
heimdal: Use #ifdef HAVE_DLOPEN around functions used only by HAVE_DLOPEN 2020-08-07T03:23:43+00:00 Gary Lockyer gary@catalyst.net.nz 2017-09-25T01:15:28+00:00 4e8f3fdf82ab1ed4ecb8edcc284168dc85dadc49 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> 
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
heimdal: apply disallow-forwardable on server in TGS request 2020-06-12T20:42:38+00:00 Isaac Boukris iboukris@gmail.com 2020-01-13T22:42:54+00:00 8fdff19c5461315556014d25d237a958edeed1a2 upstream commit: 839b073facd2aecda6740224d73e560bc79965dc BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233 Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> 
upstream commit: 839b073facd2aecda6740224d73e560bc79965dc

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14233

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
kdc: allow checksum of PA-FOR-USER to be HMAC_MD5 2020-06-11T02:48:58+00:00 Isaac Boukris iboukris@gmail.com 2018-11-12T10:26:25+00:00 6095a4f0d58cad3dde6e76cadd7bcae0a240c9e6 even if the tgt session key uses different hmac. Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is always HMAC_MD5, and that's what windows 7 client and MIT client send. In heimdal both the client and kdc use the checksum of the tgt key instead and therefore work with each other but windows and MIT clients fail against heimdal KDC. Windows KDC allows either checksum (HMAC_MD5 or from tgt) so we should do the same to support all clients. Signed-off-by: Isaac Boukris <iboukris@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Thu Jun 11 02:48:58 UTC 2020 on sn-devel-184 
even if the tgt session key uses different hmac.

Per [MS-SFU] 2.2.1 PA-FOR-USER the checksum is
always HMAC_MD5, and that's what windows 7 client
and MIT client send.

In heimdal both the client and kdc use the checksum of
the tgt key instead and therefore work with each other
but windows and MIT clients fail against heimdal KDC.

Windows KDC allows either checksum (HMAC_MD5 or from
tgt) so we should do the same to support all clients.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 11 02:48:58 UTC 2020 on sn-devel-184
CVE-2019-14870: heimdal: enforce delegation_not_allowed in S4U2Self 2019-12-10T09:18:46+00:00 Isaac Boukris iboukris@gmail.com 2019-10-28T00:54:09+00:00 84de46f5347288a3683ba083f529137efa8028e9 Signed-off-by: Isaac Boukris <iboukris@gmail.com> 
Signed-off-by: Isaac Boukris <iboukris@gmail.com>
s4 heimdal_build: Fix static heimdal builds with replacement closefrom() 2019-07-05T03:33:19+00:00 Karl Lenz xorangekiller@gmail.com 2019-07-05T00:27:46+00:00 f31333d40e6fa38daa32a3ebb32d5a317c06fc62 If Samba was configured with "--nonshared-binary=winexe" to build winexe as a static binary, and the replacement closefrom() function was used (which is default on most GNU/Linux systems without the libbsd development package installed), then winexe would fail to link with the error message shown below. [2631/3059] Linking bin/default/examples/winexe/winexe source4/heimdal/lib/roken/closefrom.c.1.o: In function `rep_closefrom': closefrom.c:(.text+0x0): multiple definition of `rep_closefrom' lib/replace/closefrom.c.2.o:closefrom.c:(.text+0x292): first defined here collect2: error: ld returned 1 exit status The real problem here was not with the winexe build itself - that was merely the application that I was attempting to build statically when I encountered it. As Andrew Bartlett very helpfully pointed out to me, this regression was introduced when "lib/replace/closefrom.c" was added in commit 55529d0f and, more to the point, when the heimdal build started using it in commit 3a7ebd0e. From that point on, any time that Samba's embedded copy of heimdal was statically linked into an application, it would fail to link because heimdal's own rep_closefrom() function in its "roken" library would conflict with the rep_closefrom() function in the "replace" library used elsewhere in Samba - a library which the "roken" library itself depends on. To further compound the problem, heimdal's own "roken" library is also compiled for the host (a necessary distinction for cross-compiled builds) and linked into a small number of utility applications used during the heimdal build. However, they can't link directly against the "replace" library, unlike the main "roken" library build which carries that dependency, because the "replace" library is _not_ built for the host. I solved this problem by eliminating heimdal's version of rep_closefrom() and making it use the one from "lib/replace" everywhere. That wasn't a problem for the main heimdal library that is built for the target because it was already linking in "lib/replace" (that's what caused this problem in the first place!), but to solve the aforementioned issue with "lib/replace" not being built for the host, I added "lib/replace/closefrom.c" to the list of "source4/heimdal/lib/roken" sources to be built for the host to satisfy heimdal's host utilities. Everyone wins, I think. Signed-off-by: Karl Lenz <xorangekiller@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> 
If Samba was configured with "--nonshared-binary=winexe" to build
winexe as a static binary, and the replacement closefrom() function
was used (which is default on most GNU/Linux systems without the libbsd
development package installed), then winexe would fail to link with the
error message shown below.

[2631/3059] Linking bin/default/examples/winexe/winexe
source4/heimdal/lib/roken/closefrom.c.1.o: In function `rep_closefrom':
closefrom.c:(.text+0x0): multiple definition of `rep_closefrom'
lib/replace/closefrom.c.2.o:closefrom.c:(.text+0x292): first defined here
collect2: error: ld returned 1 exit status

The real problem here was not with the winexe build itself - that was
merely the application that I was attempting to build statically when I
encountered it. As Andrew Bartlett very helpfully pointed out to me, this
regression was introduced when "lib/replace/closefrom.c" was added in
commit 55529d0f and, more to the point, when the heimdal build started
using it in commit 3a7ebd0e. From that point on, any time that Samba's
embedded copy of heimdal was statically linked into an application, it
would fail to link because heimdal's own rep_closefrom() function in its
"roken" library would conflict with the rep_closefrom() function in the
"replace" library used elsewhere in Samba - a library which the "roken"
library itself depends on. To further compound the problem, heimdal's
own "roken" library is also compiled for the host (a necessary
distinction for cross-compiled builds) and linked into a small number of
utility applications used during the heimdal build. However, they can't
link directly against the "replace" library, unlike the main "roken"
library build which carries that dependency, because the "replace"
library is _not_ built for the host.

I solved this problem by eliminating heimdal's version of rep_closefrom()
and making it use the one from "lib/replace" everywhere. That wasn't a
problem for the main heimdal library that is built for the target because
it was already linking in "lib/replace" (that's what caused this problem
in the first place!), but to solve the aforementioned issue with
"lib/replace" not being built for the host, I added
"lib/replace/closefrom.c" to the list of "source4/heimdal/lib/roken"
sources to be built for the host to satisfy heimdal's host utilities.
Everyone wins, I think.

Signed-off-by: Karl Lenz <xorangekiller@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
CVE-2018-16860 Heimdal KDC: Reject PA-S4U2Self with unkeyed checksum 2019-05-14T11:45:13+00:00 Isaac Boukris iboukris@gmail.com 2019-01-30T21:49:07+00:00 43958af1d50f0185e21e6cd74110c455ee8996af BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685 Signed-off-by: Isaac Boukris <iboukris@gmail.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Signed-off-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Tue May 14 11:45:13 UTC 2019 on sn-devel-184 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13685

Signed-off-by: Isaac Boukris <iboukris@gmail.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Karolin Seeger <kseeger@samba.org>
Autobuild-Date(master): Tue May 14 11:45:13 UTC 2019 on sn-devel-184
heimdal: Fix "assuming signed overflow doesnt occur" error 2019-03-18T19:21:24+00:00 Volker Lendecke vl@samba.org 2019-03-18T08:30:17+00:00 d0dc4033cc0b636914611883caaaf6cddf527223 Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>