parent
8129615200
commit
8cdb8619f5
@ -0,0 +1,226 @@
|
|||||||
|
From 433dd85aaf8d9ed0e923c873f107995232b94422 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greg Hudson <ghudson@mit.edu>
|
||||||
|
Date: Thu, 26 Oct 2023 14:20:34 -0400
|
||||||
|
Subject: [PATCH] Add request_timeout configuration parameter
|
||||||
|
|
||||||
|
Add a parameter to limit the total amount of time taken for a KDC or
|
||||||
|
password change request.
|
||||||
|
|
||||||
|
ticket: 9106 (new)
|
||||||
|
(cherry picked from commit 802318cda963456b3ed7856c836e89da891483be)
|
||||||
|
---
|
||||||
|
doc/admin/conf_files/krb5_conf.rst | 9 ++++++
|
||||||
|
src/include/k5-int.h | 2 ++
|
||||||
|
src/lib/krb5/krb/init_ctx.c | 14 +++++++-
|
||||||
|
src/lib/krb5/os/sendto_kdc.c | 51 ++++++++++++++++++++----------
|
||||||
|
4 files changed, 58 insertions(+), 18 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
index 315253e378..557094f6a2 100644
|
||||||
|
--- a/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
+++ b/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
@@ -357,6 +357,15 @@ The libdefaults section may contain any of the following relations:
|
||||||
|
(:ref:`duration` string.) Sets the default renewable lifetime
|
||||||
|
for initial ticket requests. The default value is 0.
|
||||||
|
|
||||||
|
+**request_timeout**
|
||||||
|
+ (:ref:`duration` string.) Sets the maximum total time for KDC or
|
||||||
|
+ password change requests. This timeout does not affect the
|
||||||
|
+ intervals between requests, so setting a low timeout may result in
|
||||||
|
+ fewer requests being attempted and/or some servers not being
|
||||||
|
+ contacted. A value of 0 indicates no specific maximum, in which
|
||||||
|
+ case requests will time out if no server responds after several
|
||||||
|
+ tries. The default value is 0. (New in release 1.22.)
|
||||||
|
+
|
||||||
|
**spake_preauth_groups**
|
||||||
|
A whitespace or comma-separated list of words which specifies the
|
||||||
|
groups allowed for SPAKE preauthentication. The possible values
|
||||||
|
diff --git a/src/include/k5-int.h b/src/include/k5-int.h
|
||||||
|
index 912aaedac4..9d5e41ca2c 100644
|
||||||
|
--- a/src/include/k5-int.h
|
||||||
|
+++ b/src/include/k5-int.h
|
||||||
|
@@ -293,6 +293,7 @@ typedef unsigned char u_char;
|
||||||
|
#define KRB5_CONF_SPAKE_PREAUTH_INDICATOR "spake_preauth_indicator"
|
||||||
|
#define KRB5_CONF_SPAKE_PREAUTH_KDC_CHALLENGE "spake_preauth_kdc_challenge"
|
||||||
|
#define KRB5_CONF_SPAKE_PREAUTH_GROUPS "spake_preauth_groups"
|
||||||
|
+#define KRB5_CONF_REQUEST_TIMEOUT "request_timeout"
|
||||||
|
#define KRB5_CONF_TICKET_LIFETIME "ticket_lifetime"
|
||||||
|
#define KRB5_CONF_UDP_PREFERENCE_LIMIT "udp_preference_limit"
|
||||||
|
#define KRB5_CONF_UNLOCKITER "unlockiter"
|
||||||
|
@@ -1218,6 +1219,7 @@ struct _krb5_context {
|
||||||
|
kdb5_dal_handle *dal_handle;
|
||||||
|
/* allowable clock skew */
|
||||||
|
krb5_deltat clockskew;
|
||||||
|
+ krb5_deltat req_timeout;
|
||||||
|
krb5_flags kdc_default_options;
|
||||||
|
krb5_flags library_options;
|
||||||
|
krb5_boolean profile_secure;
|
||||||
|
diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c
|
||||||
|
index 9a4741fa64..1a6e0bf672 100644
|
||||||
|
--- a/src/lib/krb5/krb/init_ctx.c
|
||||||
|
+++ b/src/lib/krb5/krb/init_ctx.c
|
||||||
|
@@ -163,7 +163,7 @@ krb5_init_context_profile(profile_t profile, krb5_flags flags,
|
||||||
|
} seed_data;
|
||||||
|
krb5_data seed;
|
||||||
|
int tmp;
|
||||||
|
- char *plugin_dir = NULL;
|
||||||
|
+ char *plugin_dir = NULL, *timeout_str = NULL;
|
||||||
|
|
||||||
|
/* Verify some assumptions. If the assumptions hold and the
|
||||||
|
compiler is optimizing, this should result in no code being
|
||||||
|
@@ -257,6 +257,17 @@ krb5_init_context_profile(profile_t profile, krb5_flags flags,
|
||||||
|
get_integer(ctx, KRB5_CONF_CLOCKSKEW, DEFAULT_CLOCKSKEW, &tmp);
|
||||||
|
ctx->clockskew = tmp;
|
||||||
|
|
||||||
|
+ retval = profile_get_string(ctx->profile, KRB5_CONF_LIBDEFAULTS,
|
||||||
|
+ KRB5_CONF_REQUEST_TIMEOUT, NULL, NULL,
|
||||||
|
+ &timeout_str);
|
||||||
|
+ if (retval)
|
||||||
|
+ goto cleanup;
|
||||||
|
+ if (timeout_str != NULL) {
|
||||||
|
+ retval = krb5_string_to_deltat(timeout_str, &ctx->req_timeout);
|
||||||
|
+ if (retval)
|
||||||
|
+ goto cleanup;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
get_integer(ctx, KRB5_CONF_KDC_DEFAULT_OPTIONS, KDC_OPT_RENEWABLE_OK,
|
||||||
|
&tmp);
|
||||||
|
ctx->kdc_default_options = tmp;
|
||||||
|
@@ -298,6 +309,7 @@ krb5_init_context_profile(profile_t profile, krb5_flags flags,
|
||||||
|
|
||||||
|
cleanup:
|
||||||
|
profile_release_string(plugin_dir);
|
||||||
|
+ profile_release_string(timeout_str);
|
||||||
|
krb5_free_context(ctx);
|
||||||
|
return retval;
|
||||||
|
}
|
||||||
|
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
index 8e4fcd2a38..f57117126e 100644
|
||||||
|
--- a/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
+++ b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
@@ -1390,34 +1390,41 @@ get_endtime(time_ms endtime, struct conn_state *conns)
|
||||||
|
|
||||||
|
static krb5_boolean
|
||||||
|
service_fds(krb5_context context, struct select_state *selstate,
|
||||||
|
- time_ms interval, struct conn_state *conns,
|
||||||
|
+ time_ms interval, time_ms timeout, struct conn_state *conns,
|
||||||
|
struct select_state *seltemp, const krb5_data *realm,
|
||||||
|
int (*msg_handler)(krb5_context, const krb5_data *, void *),
|
||||||
|
void *msg_handler_data, struct conn_state **winner_out)
|
||||||
|
{
|
||||||
|
int e, selret = 0;
|
||||||
|
- time_ms endtime;
|
||||||
|
+ time_ms curtime, interval_end, endtime;
|
||||||
|
struct conn_state *state;
|
||||||
|
|
||||||
|
*winner_out = NULL;
|
||||||
|
|
||||||
|
- e = get_curtime_ms(&endtime);
|
||||||
|
+ e = get_curtime_ms(&curtime);
|
||||||
|
if (e)
|
||||||
|
return TRUE;
|
||||||
|
- endtime += interval;
|
||||||
|
+ interval_end = curtime + interval;
|
||||||
|
|
||||||
|
e = 0;
|
||||||
|
while (selstate->nfds > 0) {
|
||||||
|
- e = cm_select_or_poll(selstate, get_endtime(endtime, conns),
|
||||||
|
- seltemp, &selret);
|
||||||
|
+ endtime = get_endtime(interval_end, conns);
|
||||||
|
+ /* Don't wait longer than the whole request should last. */
|
||||||
|
+ if (timeout && endtime > timeout)
|
||||||
|
+ endtime = timeout;
|
||||||
|
+ e = cm_select_or_poll(selstate, endtime, seltemp, &selret);
|
||||||
|
if (e == EINTR)
|
||||||
|
continue;
|
||||||
|
if (e != 0)
|
||||||
|
break;
|
||||||
|
|
||||||
|
- if (selret == 0)
|
||||||
|
- /* Timeout, return to caller. */
|
||||||
|
+ if (selret == 0) {
|
||||||
|
+ /* We timed out. Stop if we hit the overall request timeout. */
|
||||||
|
+ if (timeout && (get_curtime_ms(&curtime) || curtime >= timeout))
|
||||||
|
+ return TRUE;
|
||||||
|
+ /* Otherwise return to the caller to send the next request. */
|
||||||
|
return FALSE;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* Got something on a socket, process it. */
|
||||||
|
for (state = conns; state != NULL; state = state->next) {
|
||||||
|
@@ -1490,7 +1497,7 @@ k5_sendto(krb5_context context, const krb5_data *message,
|
||||||
|
void *msg_handler_data)
|
||||||
|
{
|
||||||
|
int pass;
|
||||||
|
- time_ms delay;
|
||||||
|
+ time_ms delay, timeout = 0;
|
||||||
|
krb5_error_code retval;
|
||||||
|
struct conn_state *conns = NULL, *state, **tailptr, *next, *winner;
|
||||||
|
size_t s;
|
||||||
|
@@ -1500,6 +1507,13 @@ k5_sendto(krb5_context context, const krb5_data *message,
|
||||||
|
|
||||||
|
*reply = empty_data();
|
||||||
|
|
||||||
|
+ if (context->req_timeout) {
|
||||||
|
+ retval = get_curtime_ms(&timeout);
|
||||||
|
+ if (retval)
|
||||||
|
+ return retval;
|
||||||
|
+ timeout += 1000 * context->req_timeout;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* One for use here, listing all our fds in use, and one for
|
||||||
|
* temporary use in service_fds, for the fds of interest. */
|
||||||
|
sel_state = malloc(2 * sizeof(*sel_state));
|
||||||
|
@@ -1527,8 +1541,9 @@ k5_sendto(krb5_context context, const krb5_data *message,
|
||||||
|
if (maybe_send(context, state, message, sel_state, realm,
|
||||||
|
callback_info))
|
||||||
|
continue;
|
||||||
|
- done = service_fds(context, sel_state, 1000, conns, seltemp,
|
||||||
|
- realm, msg_handler, msg_handler_data, &winner);
|
||||||
|
+ done = service_fds(context, sel_state, 1000, timeout, conns,
|
||||||
|
+ seltemp, realm, msg_handler, msg_handler_data,
|
||||||
|
+ &winner);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1540,13 +1555,13 @@ k5_sendto(krb5_context context, const krb5_data *message,
|
||||||
|
if (maybe_send(context, state, message, sel_state, realm,
|
||||||
|
callback_info))
|
||||||
|
continue;
|
||||||
|
- done = service_fds(context, sel_state, 1000, conns, seltemp,
|
||||||
|
+ done = service_fds(context, sel_state, 1000, timeout, conns, seltemp,
|
||||||
|
realm, msg_handler, msg_handler_data, &winner);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Wait for two seconds at the end of the first pass. */
|
||||||
|
if (!done) {
|
||||||
|
- done = service_fds(context, sel_state, 2000, conns, seltemp,
|
||||||
|
+ done = service_fds(context, sel_state, 2000, timeout, conns, seltemp,
|
||||||
|
realm, msg_handler, msg_handler_data, &winner);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1557,15 +1572,17 @@ k5_sendto(krb5_context context, const krb5_data *message,
|
||||||
|
if (maybe_send(context, state, message, sel_state, realm,
|
||||||
|
callback_info))
|
||||||
|
continue;
|
||||||
|
- done = service_fds(context, sel_state, 1000, conns, seltemp,
|
||||||
|
- realm, msg_handler, msg_handler_data, &winner);
|
||||||
|
+ done = service_fds(context, sel_state, 1000, timeout, conns,
|
||||||
|
+ seltemp, realm, msg_handler, msg_handler_data,
|
||||||
|
+ &winner);
|
||||||
|
if (sel_state->nfds == 0)
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
/* Wait for the delay backoff at the end of this pass. */
|
||||||
|
if (!done) {
|
||||||
|
- done = service_fds(context, sel_state, delay, conns, seltemp,
|
||||||
|
- realm, msg_handler, msg_handler_data, &winner);
|
||||||
|
+ done = service_fds(context, sel_state, delay, timeout, conns,
|
||||||
|
+ seltemp, realm, msg_handler, msg_handler_data,
|
||||||
|
+ &winner);
|
||||||
|
}
|
||||||
|
if (sel_state->nfds == 0)
|
||||||
|
break;
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
@ -0,0 +1,34 @@
|
|||||||
|
From a68fba22588cc21dcd1dc28550529187dca58331 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greg Hudson <ghudson@mit.edu>
|
||||||
|
Date: Fri, 27 Oct 2023 00:44:53 -0400
|
||||||
|
Subject: [PATCH] End connection on KDC_ERR_SVC_UNAVAILABLE
|
||||||
|
|
||||||
|
In sendto_kdc.c:service_fds(), if a message handler indicates that a
|
||||||
|
message should be discarded, kill the connection so we don't continue
|
||||||
|
waiting on it for more data.
|
||||||
|
|
||||||
|
ticket: 7899
|
||||||
|
(cherry picked from commit ca80f64c786341d5871ae1de18142e62af64f7b9)
|
||||||
|
---
|
||||||
|
src/lib/krb5/os/sendto_kdc.c | 5 ++++-
|
||||||
|
1 file changed, 4 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
index d76e24ccf0..8e4fcd2a38 100644
|
||||||
|
--- a/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
+++ b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
@@ -1435,7 +1435,10 @@ service_fds(krb5_context context, struct select_state *selstate,
|
||||||
|
if (msg_handler != NULL) {
|
||||||
|
krb5_data reply = make_data(state->in.buf, state->in.pos);
|
||||||
|
|
||||||
|
- stop = (msg_handler(context, &reply, msg_handler_data) != 0);
|
||||||
|
+ if (!msg_handler(context, &reply, msg_handler_data)) {
|
||||||
|
+ kill_conn(context, state, selstate);
|
||||||
|
+ stop = 0;
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
if (stop) {
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
@ -0,0 +1,205 @@
|
|||||||
|
From efb3acd20cbe6330439635a9f297b9dae8a0a5d3 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greg Hudson <ghudson@mit.edu>
|
||||||
|
Date: Tue, 5 Mar 2024 19:53:07 -0500
|
||||||
|
Subject: [PATCH] Fix two unlikely memory leaks
|
||||||
|
|
||||||
|
In gss_krb5int_make_seal_token_v3(), one of the bounds checks (which
|
||||||
|
could probably never be triggered) leaks plain.data. Fix this leak
|
||||||
|
and use current practices for cleanup throughout the function.
|
||||||
|
|
||||||
|
In xmt_rmtcallres() (unused within the tree and likely elsewhere),
|
||||||
|
store port_ptr into crp->port_ptr as soon as it is allocated;
|
||||||
|
otherwise it could leak if the subsequent xdr_u_int32() operation
|
||||||
|
fails.
|
||||||
|
|
||||||
|
(cherry picked from commit c5f9c816107f70139de11b38aa02db2f1774ee0d)
|
||||||
|
---
|
||||||
|
src/lib/gssapi/krb5/k5sealv3.c | 56 +++++++++++++++-------------------
|
||||||
|
src/lib/rpc/pmap_rmt.c | 9 +++---
|
||||||
|
2 files changed, 29 insertions(+), 36 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/lib/gssapi/krb5/k5sealv3.c b/src/lib/gssapi/krb5/k5sealv3.c
|
||||||
|
index 3b4f8cb837..e881eee835 100644
|
||||||
|
--- a/src/lib/gssapi/krb5/k5sealv3.c
|
||||||
|
+++ b/src/lib/gssapi/krb5/k5sealv3.c
|
||||||
|
@@ -65,7 +65,7 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
int conf_req_flag, int toktype)
|
||||||
|
{
|
||||||
|
size_t bufsize = 16;
|
||||||
|
- unsigned char *outbuf = 0;
|
||||||
|
+ unsigned char *outbuf = NULL;
|
||||||
|
krb5_error_code err;
|
||||||
|
int key_usage;
|
||||||
|
unsigned char acceptor_flag;
|
||||||
|
@@ -75,9 +75,13 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
#endif
|
||||||
|
size_t ec;
|
||||||
|
unsigned short tok_id;
|
||||||
|
- krb5_checksum sum;
|
||||||
|
+ krb5_checksum sum = { 0 };
|
||||||
|
krb5_key key;
|
||||||
|
krb5_cksumtype cksumtype;
|
||||||
|
+ krb5_data plain = empty_data();
|
||||||
|
+
|
||||||
|
+ token->value = NULL;
|
||||||
|
+ token->length = 0;
|
||||||
|
|
||||||
|
acceptor_flag = ctx->initiate ? 0 : FLAG_SENDER_IS_ACCEPTOR;
|
||||||
|
key_usage = (toktype == KG_TOK_WRAP_MSG
|
||||||
|
@@ -107,14 +111,15 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if (toktype == KG_TOK_WRAP_MSG && conf_req_flag) {
|
||||||
|
- krb5_data plain;
|
||||||
|
krb5_enc_data cipher;
|
||||||
|
size_t ec_max;
|
||||||
|
size_t encrypt_size;
|
||||||
|
|
||||||
|
/* 300: Adds some slop. */
|
||||||
|
- if (SIZE_MAX - 300 < message->length)
|
||||||
|
- return ENOMEM;
|
||||||
|
+ if (SIZE_MAX - 300 < message->length) {
|
||||||
|
+ err = ENOMEM;
|
||||||
|
+ goto cleanup;
|
||||||
|
+ }
|
||||||
|
ec_max = SIZE_MAX - message->length - 300;
|
||||||
|
if (ec_max > 0xffff)
|
||||||
|
ec_max = 0xffff;
|
||||||
|
@@ -126,20 +131,20 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
#endif
|
||||||
|
err = alloc_data(&plain, message->length + 16 + ec);
|
||||||
|
if (err)
|
||||||
|
- return err;
|
||||||
|
+ goto cleanup;
|
||||||
|
|
||||||
|
/* Get size of ciphertext. */
|
||||||
|
encrypt_size = krb5_encrypt_size(plain.length, key->keyblock.enctype);
|
||||||
|
if (encrypt_size > SIZE_MAX / 2) {
|
||||||
|
err = ENOMEM;
|
||||||
|
- goto error;
|
||||||
|
+ goto cleanup;
|
||||||
|
}
|
||||||
|
bufsize = 16 + encrypt_size;
|
||||||
|
/* Allocate space for header plus encrypted data. */
|
||||||
|
outbuf = gssalloc_malloc(bufsize);
|
||||||
|
if (outbuf == NULL) {
|
||||||
|
- free(plain.data);
|
||||||
|
- return ENOMEM;
|
||||||
|
+ err = ENOMEM;
|
||||||
|
+ goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* TOK_ID */
|
||||||
|
@@ -164,11 +169,8 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
cipher.ciphertext.length = bufsize - 16;
|
||||||
|
cipher.enctype = key->keyblock.enctype;
|
||||||
|
err = krb5_k_encrypt(context, key, key_usage, 0, &plain, &cipher);
|
||||||
|
- zap(plain.data, plain.length);
|
||||||
|
- free(plain.data);
|
||||||
|
- plain.data = 0;
|
||||||
|
if (err)
|
||||||
|
- goto error;
|
||||||
|
+ goto cleanup;
|
||||||
|
|
||||||
|
/* Now that we know we're returning a valid token.... */
|
||||||
|
ctx->seq_send++;
|
||||||
|
@@ -181,7 +183,6 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
/* If the rotate fails, don't worry about it. */
|
||||||
|
#endif
|
||||||
|
} else if (toktype == KG_TOK_WRAP_MSG && !conf_req_flag) {
|
||||||
|
- krb5_data plain;
|
||||||
|
size_t cksumsize;
|
||||||
|
|
||||||
|
/* Here, message is the application-supplied data; message2 is
|
||||||
|
@@ -193,21 +194,19 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
wrap_with_checksum:
|
||||||
|
err = alloc_data(&plain, message->length + 16);
|
||||||
|
if (err)
|
||||||
|
- return err;
|
||||||
|
+ goto cleanup;
|
||||||
|
|
||||||
|
err = krb5_c_checksum_length(context, cksumtype, &cksumsize);
|
||||||
|
if (err)
|
||||||
|
- goto error;
|
||||||
|
+ goto cleanup;
|
||||||
|
|
||||||
|
assert(cksumsize <= 0xffff);
|
||||||
|
|
||||||
|
bufsize = 16 + message2->length + cksumsize;
|
||||||
|
outbuf = gssalloc_malloc(bufsize);
|
||||||
|
if (outbuf == NULL) {
|
||||||
|
- free(plain.data);
|
||||||
|
- plain.data = 0;
|
||||||
|
err = ENOMEM;
|
||||||
|
- goto error;
|
||||||
|
+ goto cleanup;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* TOK_ID */
|
||||||
|
@@ -239,23 +238,15 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
if (message2->length)
|
||||||
|
memcpy(outbuf + 16, message2->value, message2->length);
|
||||||
|
|
||||||
|
- sum.contents = outbuf + 16 + message2->length;
|
||||||
|
- sum.length = cksumsize;
|
||||||
|
-
|
||||||
|
err = krb5_k_make_checksum(context, cksumtype, key,
|
||||||
|
key_usage, &plain, &sum);
|
||||||
|
- zap(plain.data, plain.length);
|
||||||
|
- free(plain.data);
|
||||||
|
- plain.data = 0;
|
||||||
|
if (err) {
|
||||||
|
zap(outbuf,bufsize);
|
||||||
|
- goto error;
|
||||||
|
+ goto cleanup;
|
||||||
|
}
|
||||||
|
if (sum.length != cksumsize)
|
||||||
|
abort();
|
||||||
|
memcpy(outbuf + 16 + message2->length, sum.contents, cksumsize);
|
||||||
|
- krb5_free_checksum_contents(context, &sum);
|
||||||
|
- sum.contents = 0;
|
||||||
|
/* Now that we know we're actually generating the token... */
|
||||||
|
ctx->seq_send++;
|
||||||
|
|
||||||
|
@@ -285,12 +276,13 @@ gss_krb5int_make_seal_token_v3 (krb5_context context,
|
||||||
|
|
||||||
|
token->value = outbuf;
|
||||||
|
token->length = bufsize;
|
||||||
|
- return 0;
|
||||||
|
+ outbuf = NULL;
|
||||||
|
+ err = 0;
|
||||||
|
|
||||||
|
-error:
|
||||||
|
+cleanup:
|
||||||
|
+ krb5_free_checksum_contents(context, &sum);
|
||||||
|
+ zapfree(plain.data, plain.length);
|
||||||
|
gssalloc_free(outbuf);
|
||||||
|
- token->value = NULL;
|
||||||
|
- token->length = 0;
|
||||||
|
return err;
|
||||||
|
}
|
||||||
|
|
||||||
|
diff --git a/src/lib/rpc/pmap_rmt.c b/src/lib/rpc/pmap_rmt.c
|
||||||
|
index 8c7e30c21a..0748af34a7 100644
|
||||||
|
--- a/src/lib/rpc/pmap_rmt.c
|
||||||
|
+++ b/src/lib/rpc/pmap_rmt.c
|
||||||
|
@@ -160,11 +160,12 @@ xdr_rmtcallres(
|
||||||
|
caddr_t port_ptr;
|
||||||
|
|
||||||
|
port_ptr = (caddr_t)(void *)crp->port_ptr;
|
||||||
|
- if (xdr_reference(xdrs, &port_ptr, sizeof (uint32_t),
|
||||||
|
- xdr_u_int32) && xdr_u_int32(xdrs, &crp->resultslen)) {
|
||||||
|
- crp->port_ptr = (uint32_t *)(void *)port_ptr;
|
||||||
|
+ if (!xdr_reference(xdrs, &port_ptr, sizeof (uint32_t),
|
||||||
|
+ (xdrproc_t)xdr_u_int32))
|
||||||
|
+ return (FALSE);
|
||||||
|
+ crp->port_ptr = (uint32_t *)(void *)port_ptr;
|
||||||
|
+ if (xdr_u_int32(xdrs, &crp->resultslen))
|
||||||
|
return ((*(crp->xdr_results))(xdrs, crp->results_ptr));
|
||||||
|
- }
|
||||||
|
return (FALSE);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
@ -0,0 +1,138 @@
|
|||||||
|
From 2e871df888d526a15e9e91807480c15ca4e40618 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Greg Hudson <ghudson@mit.edu>
|
||||||
|
Date: Thu, 26 Oct 2023 16:26:42 -0400
|
||||||
|
Subject: [PATCH] Wait indefinitely on KDC TCP connections
|
||||||
|
|
||||||
|
When making a KDC or password change request, wait indefinitely
|
||||||
|
(limited only by request_timeout if set) once a KDC has accepted a TCP
|
||||||
|
connection.
|
||||||
|
|
||||||
|
ticket: 9105 (new)
|
||||||
|
(cherry picked from commit 6436a3808061da787a43c6810f5f0370cdfb6e36)
|
||||||
|
---
|
||||||
|
doc/admin/conf_files/krb5_conf.rst | 2 +-
|
||||||
|
src/lib/krb5/os/sendto_kdc.c | 50 ++++++++++++++++--------------
|
||||||
|
2 files changed, 27 insertions(+), 25 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/doc/admin/conf_files/krb5_conf.rst b/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
index 557094f6a2..98fe231813 100644
|
||||||
|
--- a/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
+++ b/doc/admin/conf_files/krb5_conf.rst
|
||||||
|
@@ -358,7 +358,7 @@ The libdefaults section may contain any of the following relations:
|
||||||
|
for initial ticket requests. The default value is 0.
|
||||||
|
|
||||||
|
**request_timeout**
|
||||||
|
- (:ref:`duration` string.) Sets the maximum total time for KDC or
|
||||||
|
+ (:ref:`duration` string.) Sets the maximum total time for KDC and
|
||||||
|
password change requests. This timeout does not affect the
|
||||||
|
intervals between requests, so setting a low timeout may result in
|
||||||
|
fewer requests being attempted and/or some servers not being
|
||||||
|
diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
index f57117126e..19b78aba24 100644
|
||||||
|
--- a/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
+++ b/src/lib/krb5/os/sendto_kdc.c
|
||||||
|
@@ -134,7 +134,6 @@ struct conn_state {
|
||||||
|
krb5_data callback_buffer;
|
||||||
|
size_t server_index;
|
||||||
|
struct conn_state *next;
|
||||||
|
- time_ms endtime;
|
||||||
|
krb5_boolean defer;
|
||||||
|
struct {
|
||||||
|
const char *uri_path;
|
||||||
|
@@ -344,15 +343,19 @@ cm_select_or_poll(const struct select_state *in, time_ms endtime,
|
||||||
|
struct select_state *out, int *sret)
|
||||||
|
{
|
||||||
|
#ifndef USE_POLL
|
||||||
|
- struct timeval tv;
|
||||||
|
+ struct timeval tv, *tvp;
|
||||||
|
#endif
|
||||||
|
krb5_error_code retval;
|
||||||
|
time_ms curtime, interval;
|
||||||
|
|
||||||
|
- retval = get_curtime_ms(&curtime);
|
||||||
|
- if (retval != 0)
|
||||||
|
- return retval;
|
||||||
|
- interval = (curtime < endtime) ? endtime - curtime : 0;
|
||||||
|
+ if (endtime != 0) {
|
||||||
|
+ retval = get_curtime_ms(&curtime);
|
||||||
|
+ if (retval != 0)
|
||||||
|
+ return retval;
|
||||||
|
+ interval = (curtime < endtime) ? endtime - curtime : 0;
|
||||||
|
+ } else {
|
||||||
|
+ interval = -1;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/* We don't need a separate copy of the selstate for poll, but use one for
|
||||||
|
* consistency with how we use select. */
|
||||||
|
@@ -361,9 +364,14 @@ cm_select_or_poll(const struct select_state *in, time_ms endtime,
|
||||||
|
#ifdef USE_POLL
|
||||||
|
*sret = poll(out->fds, out->nfds, interval);
|
||||||
|
#else
|
||||||
|
- tv.tv_sec = interval / 1000;
|
||||||
|
- tv.tv_usec = interval % 1000 * 1000;
|
||||||
|
- *sret = select(out->max, &out->rfds, &out->wfds, &out->xfds, &tv);
|
||||||
|
+ if (interval != -1) {
|
||||||
|
+ tv.tv_sec = interval / 1000;
|
||||||
|
+ tv.tv_usec = interval % 1000 * 1000;
|
||||||
|
+ tvp = &tv;
|
||||||
|
+ } else {
|
||||||
|
+ tvp = NULL;
|
||||||
|
+ }
|
||||||
|
+ *sret = select(out->max, &out->rfds, &out->wfds, &out->xfds, tvp);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return (*sret < 0) ? SOCKET_ERRNO : 0;
|
||||||
|
@@ -1094,11 +1102,6 @@ service_tcp_connect(krb5_context context, const krb5_data *realm,
|
||||||
|
}
|
||||||
|
|
||||||
|
conn->state = WRITING;
|
||||||
|
-
|
||||||
|
- /* Record this connection's timeout for service_fds. */
|
||||||
|
- if (get_curtime_ms(&conn->endtime) == 0)
|
||||||
|
- conn->endtime += 10000;
|
||||||
|
-
|
||||||
|
return conn->service_write(context, realm, conn, selstate);
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1373,19 +1376,18 @@ kill_conn:
|
||||||
|
return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
-/* Return the maximum of endtime and the endtime fields of all currently active
|
||||||
|
- * TCP connections. */
|
||||||
|
-static time_ms
|
||||||
|
-get_endtime(time_ms endtime, struct conn_state *conns)
|
||||||
|
+/* Return true if conns contains any states with connected TCP sockets. */
|
||||||
|
+static krb5_boolean
|
||||||
|
+any_tcp_connections(struct conn_state *conns)
|
||||||
|
{
|
||||||
|
struct conn_state *state;
|
||||||
|
|
||||||
|
for (state = conns; state != NULL; state = state->next) {
|
||||||
|
- if ((state->state == READING || state->state == WRITING) &&
|
||||||
|
- state->endtime > endtime)
|
||||||
|
- endtime = state->endtime;
|
||||||
|
+ if (state->addr.transport != UDP &&
|
||||||
|
+ (state->state == READING || state->state == WRITING))
|
||||||
|
+ return TRUE;
|
||||||
|
}
|
||||||
|
- return endtime;
|
||||||
|
+ return FALSE;
|
||||||
|
}
|
||||||
|
|
||||||
|
static krb5_boolean
|
||||||
|
@@ -1408,9 +1410,9 @@ service_fds(krb5_context context, struct select_state *selstate,
|
||||||
|
|
||||||
|
e = 0;
|
||||||
|
while (selstate->nfds > 0) {
|
||||||
|
- endtime = get_endtime(interval_end, conns);
|
||||||
|
+ endtime = any_tcp_connections(conns) ? 0 : interval_end;
|
||||||
|
/* Don't wait longer than the whole request should last. */
|
||||||
|
- if (timeout && endtime > timeout)
|
||||||
|
+ if (timeout && (!endtime || endtime > timeout))
|
||||||
|
endtime = timeout;
|
||||||
|
e = cm_select_or_poll(selstate, endtime, seltemp, &selret);
|
||||||
|
if (e == EINTR)
|
||||||
|
--
|
||||||
|
2.44.0
|
||||||
|
|
Loading…
Reference in new issue