oysteikt/heimdal
0
0
Fork 0
Code Issues5 Pull Requests Releases Activity
30,889 Commits 2 Branches 2 Tags
Commit Graph

60 Commits

Author SHA1 Message Date
Stefan Metzmacher
ba8c3dbc62 lib/gssapi/krb5: implement GSS_C_CHANNEL_BOUND_FLAG for gss_init_sec_context() 
This will force KERB_AP_OPTIONS_CBT to be sent.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15621

Signed-off-by: Stefan Metzmacher <metze@samba.org>
 2024-07-06 16:14:43 -04:00
Isaac Boukris
f84a98bd5f Add client_aware_channel_bindings option 
Add client support for KERB_AP_OPTIONS_CBT from MS-KILE.
 2021-08-06 13:15:19 +10:00
Nicolas Williams
6f9eb81243 krb5: copy AD from auth_context to Authenticator 
If the caller provides authz data in the auth context, then we should
copy it to the Authenticator when making an AP-REQ!
 2019-10-08 22:20:40 -05:00
Jeffrey Altman
6f3ab01c75 check return copy_Realm, copy_PrincipalName, copy_EncryptionKey 
The ASN.1 functions copy_Realm(), copy_PrincipalName() and
copy_EncryptionKey() can fail.  Check the return and perform error
handling as appropriate.

Change-Id: I2b3629d19db96eb41d1cd554cef1dca99745e753
 2017-04-29 15:24:42 -04:00
Roland C. Dowdeswell
f0f07ff408 Use krb5_enomem() more consistently in lib/krb5. 2013-02-13 16:15:00 +08:00
Love Hörnquist Åstrand
0f489b7b28 unexport krb5_init_etype, remove duplicate code 2011-06-14 21:08:52 -07:00
Nicolas Williams
2fbad6432b Initial support for default_{as, tgs}_etypes. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00
Jeffrey Altman
6850d6a65f avoid uninit variable and unreachable code warnings 
most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.

Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8
 2011-05-17 12:02:16 -04:00
Love Hornquist Astrand
687db64c56 Patch from Secure Endpoints/Asanka Herath for windows support 2009-12-21 08:45:28 +01:00
Love Hornquist Astrand
a132ffe757 Simplify krb5_build_authenticator and unexport 2009-10-05 19:52:28 -07:00
Love Hornquist Astrand
cc65dc4e8e Just make a copy of the cksum instead of trying to work around the 
fact that its not really copied.
 2009-10-05 19:25:46 -07:00
Love Hörnquist Åstrand
942a821fab remove RCSID 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-05-04 06:17:40 +00:00
Love Hörnquist Åstrand
4eb662c7a0 free data on failure, cid#86 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24140 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:06:34 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
4f023f744b provide i18n hooks and renew krb5_create_checksum_iov from comments from metze 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23733 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-07 21:06:34 +00:00
Love Hörnquist Åstrand
854ef9a202 switch to krb5_set_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23273 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-23 03:25:00 +00:00
Love Hörnquist Åstrand
6b9e922298 (krb5_build_authenticator): use calloc. removed check that was never 
really used. Coverity NetBSD CID#2370


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17033 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-10 08:53:21 +00:00
Luke Howard
8dba6bea66 support for enctype negotiation 
(client sends EtypeList in Authenticator authz data)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14453 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-05 02:34:53 +00:00
Love Hörnquist Åstrand
91351971f7 add KRB5_LIB_FUNCTION to all exported functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13863 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-05-25 21:46:46 +00:00
Love Hörnquist Åstrand
79ec557a94 (krb5_build_authenticator): abort on internal asn1 encode error 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13301 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-02-03 16:58:24 +00:00
Johan Danielsson
10617940f1 (krb5_build_authenticator): if the local sequence number is non-zero, 
don't generate a new one


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12143 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-04-25 18:10:29 +00:00
Johan Danielsson
ddc308c36f use ASN1_MALLOC_ENCODE 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11372 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-09-04 16:26:05 +00:00
Johan Danielsson
084816d5ec just get the length of the encoded authenticator instead of trying to 
grow a buffer


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11336 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-09-03 15:17:09 +00:00
Johan Danielsson
8b71b2c312 we don't have enough information about whether to generate a local 
subkey here, so don't try to


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@11331 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2002-09-02 17:12:45 +00:00
Assar Westerlund
d27aa3b62e add some krb5_{set,clear}_error_string 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9937 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-14 06:14:52 +00:00
Assar Westerlund
ba3301b422 (krb5_build_authenticator): add a `usage' parameter to permit the 
generation of authenticators with different crypto usage


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9168 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-11-15 06:58:51 +00:00
Assar Westerlund
accdd87f82 check return value from krb5_crypto_init 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8975 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-18 06:50:26 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Johan Danielsson
aaae186ab9 merge new-crypto branch 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5332 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-02-11 21:03:59 +00:00
Assar Westerlund
ea28b3e1c6 (krb5_build_authenticator): realloc correctly 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5054 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-06-30 16:13:07 +00:00
Assar Westerlund
e99f4c1720 remove arbitrary limit 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4488 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-03-01 02:44:29 +00:00
Johan Danielsson
e07a5b2712 Use krb5_encode_Authenticator. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4361 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-01-31 16:29:24 +00:00
Johan Danielsson
6e8c9e5569 Only generate local subkey if there is none. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4328 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-01-21 00:41:50 +00:00
Assar Westerlund
01b88fdcf4 (krb5_build_authenticator): use krb5_{free,copy}_keyblock instead of 
the _contents versions


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4183 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-12-11 06:34:57 +00:00
Johan Danielsson
6754ee4cad use free/copy_keyblock 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4154 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-12-07 15:41:24 +00:00
Assar Westerlund
4bdc982dc6 (krb5_build_authenticator): enctype as a parameter instead of guessing 
it.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4013 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-16 06:24:48 +00:00
Assar Westerlund
168aee6f56 remove dead code 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3892 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-11 00:16:56 +00:00
Assar Westerlund
c145f0f8e4 const and char cleanup 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3699 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-10-29 01:30:15 +00:00
Assar Westerlund
f2943ec899 (krb5_build_authenticator): figure out what etype to use from the 
keytype.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3565 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-09-29 20:42:30 +00:00
Assar Westerlund
ff51fc0d00 fix bug 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2952 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-12 15:53:32 +00:00
Assar Westerlund
6fd5ea4f86 use krb5_timeofday and krb5_us_timeofday 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2927 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-11 23:35:31 +00:00
Assar Westerlund
101d27937d (krb5_build_authenticator): don't free `cksum'. It's allocated and 
freed by the caller


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2632 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-25 15:35:04 +00:00
Assar Westerlund
3492c39def alloc seq_number so that it can be freed. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2605 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-24 08:05:22 +00:00
Assar Westerlund
d7928440a3 free more 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2569 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-23 23:54:37 +00:00
Johan Danielsson
5a32a5c8e7 Add copyright notice. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2389 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 21:40:05 +00:00
Johan Danielsson
884b9012ab Remove non ASN.1 principal code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2354 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 01:37:19 +00:00
Assar Westerlund
5b161bb382 always generate a subkey. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2286 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-14 11:47:23 +00:00
Assar Westerlund
3641740069 stupid seq_num optimization 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2100 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-09 04:56:00 +00:00
Assar Westerlund
43ec74b9f4 fix krb5_encrypt calls 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2012 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-07 09:45:20 +00:00