[Heimdal-source-changes] [heimdal/heimdal] 6043cc: kadmind: check for KADM5_PRIV_GET when op GET

GitHub noreply at github.com
Mon Mars 16 17:39:13 CET 2015 

  Branch: refs/heads/master
  Home:   https://github.com/heimdal/heimdal
  Commit: 6043cc8c88a7faf20e16176bd9982356fa4b3d24
      https://github.com/heimdal/heimdal/commit/6043cc8c88a7faf20e16176bd9982356fa4b3d24
  Author: Jeffrey Altman <jaltman at secure-endpoints.com>
  Date:   2015-03-16 (Mon, 16 Mar 2015)

  Changed paths:
    M kadmin/server.c

  Log Message:
  -----------
  kadmind: check for KADM5_PRIV_GET when op GET

When performing a permission check for a GET operation the
KADM5_PRIV_GET_KEYS privilege should not be assumed to be a pure
superset of KADM5_PRIV_GET.  If the "get" permission is denied the
user cannot get an entry with or without key data.


  Commit: 34bf7ae1629eb29a87f45f6e9f4e0e42bc2a1fd2
      https://github.com/heimdal/heimdal/commit/34bf7ae1629eb29a87f45f6e9f4e0e42bc2a1fd2
  Author: Jeffrey Altman <jaltman at secure-endpoints.com>
  Date:   2015-03-16 (Mon, 16 Mar 2015)

  Changed paths:
    M kadmin/server.c

  Log Message:
  -----------
  kadmind: don't send bogus keys to ext_keytab et al

The Heimdal kadmind sends bogus keys when the client has 'get'
but not 'get-keys' permission.  For some kadmin commands this is
dangerous.  For example, ext_keytab could happily write bogus
keys to a keytab when real keys are expected, causing eventual
breakage.  Sending bogus keys is important for the kadmin get
command: so it can list the keysets that a principal has.

This patch implements a heuristic detection of kadmin get vs.
ext_keytab, add_enctype, del_enctype, and check commands.  If the
client principal lacks 'get-keys' permission, then the server
will fail requests that appear to be from those kadmin commands,
but will continue to serve bogus keys to kadmin get commands.

Thanks to Nico Williams for the idea behind this implementation.


  Commit: 15e69fbb58103706c96ebcead58413905ce12145
      https://github.com/heimdal/heimdal/commit/15e69fbb58103706c96ebcead58413905ce12145
  Author: Jeffrey Altman <jaltman at secure-endpoints.com>
  Date:   2015-03-16 (Mon, 16 Mar 2015)

  Changed paths:
    M kadmin/ext.c
    M kadmin/kadmin-commands.in

  Log Message:
  -----------
  kadmin: add ext_keytab --random-key switch

Add a --random-key switch to kadmin's ext_keytab to force the generation
of a new keyset consisting of random keys and a new key version number.


  Commit: 540c3273c4fab980a474a2f1d489a0a0d5690bc8
      https://github.com/heimdal/heimdal/commit/540c3273c4fab980a474a2f1d489a0a0d5690bc8
  Author: Nicolas Williams <nico at cryptonector.com>
  Date:   2015-03-16 (Mon, 16 Mar 2015)

  Changed paths:
    M kadmin/ext.c

  Log Message:
  -----------
  kadmin: improve warnings in ext_keytab


Compare: https://github.com/heimdal/heimdal/compare/9fbbc4cf85e2...540c3273c4fa

More information about the Heimdal-source-changes mailing list