oysteikt/heimdal
0
0
Fork 0
Code Issues5 Pull Requests Releases Activity
30,889 Commits 2 Branches 2 Tags
Commit Graph

129 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
c651661d7f use KRB5_CTX_F_CHECK_PAC to init check_pac field in the krb5_rd_req_in_ctx 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22230 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-08 21:41:51 +00:00
Love Hörnquist Åstrand
5fed824f37 its vs it\'s etc. From Bjorn Sandell 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22071 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-11-14 20:04:50 +00:00
Love Hörnquist Åstrand
743ccd85cf make work with cpp again, reported by Hai Zaar 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21934 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-08-27 14:21:04 +00:00
Love Hörnquist Åstrand
9df9f6a9da revert 21003 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21004 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-08 01:53:10 +00:00
Love Hörnquist Åstrand
12df8538af use "roken.h" consitantly 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21003 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-08 01:42:05 +00:00
Love Hörnquist Åstrand
f523c291f5 clear error strings 
.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20305 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-11 11:15:30 +00:00
Love Hörnquist Åstrand
6a8b22c01d Revert previous, the PAC should always be verified using o->keyblock, 
just check on Windows.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19935 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-16 20:51:58 +00:00
Love Hörnquist Åstrand
2ca0d5a961 (krb5_rd_req_ctx): The code failed to consider the enc_tkt_in_skey 
case, from Douglas E. Engert.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19919 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-15 22:40:42 +00:00
Love Hörnquist Åstrand
a84be6224b (krb5_rd_req_ctx): Use the correct keyblock when verifying the PAC. 
From Andrew Bartlett.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19792 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-10 12:10:17 +00:00
Love Hörnquist Åstrand
a03b0ce550 Make it possible to turn off PAC check, its default on. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19680 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:27:20 +00:00
Love Hörnquist Åstrand
c8c4c730ac (krb5_rd_req_ctx): If there is a PAC, verify its server signature. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19679 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 11:23:34 +00:00
Love Hörnquist Åstrand
a04ab012c3 Add more krb5_rd_req_out_get functions. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18931 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-07 17:11:31 +00:00
Love Hörnquist Åstrand
3c84029aba (krb5_rd_req_ctx): Add context all singing-all dancing version of the 
krb5_rd_req and implement krb5_rd_req and krb5_rd_req_with_keyblock
using it.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18925 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-07 00:13:58 +00:00
Love Hörnquist Åstrand
c7b54c3372 Adapt to signature change of _krb5_principalname2krb5_principal. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18270 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-06 17:06:30 +00:00
Love Hörnquist Åstrand
aea29bec78 Add previous ETypeList code again, it was a halfbuilt context that 
broke the code.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18140 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-09-21 09:00:36 +00:00
Love Hörnquist Åstrand
7c180646d3 disable ETypeList parsing usage for now, cfx seems broken and its not 
good to upgrade to a broken enctype.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18136 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-09-21 07:44:32 +00:00
Love Hörnquist Åstrand
69dda05a9c (krb5_verify_authenticator_checksum): on protocol failure, avoid leaking memory 
Coverity, NetBSD CID#1900


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17042 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-10 10:14:44 +00:00
Love Hörnquist Åstrand
59aa089d03 (krb5_verify_ap_req2): make sure `ticket´ points to NULL in case of 
error, add error handling, use calloc.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17025 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-09 17:56:10 +00:00
Love Hörnquist Åstrand
56538b207f Update (c) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16310 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-29 18:22:51 +00:00
Love Hörnquist Åstrand
755229f6d3 (krb5_verify_ap_re2): check timestamp in authenticator 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16309 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-29 15:55:34 +00:00
Love Hörnquist Åstrand
ca1a379a41 (check_transited): explain the TR-type 0 better and why it matters. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16308 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-11-29 14:14:26 +00:00
Love Hörnquist Åstrand
4196a3bb90 (check_transited): Allow empty content of type 0 because that is was 
Microsoft enerates in their TGT.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15994 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-27 05:48:57 +00:00
Love Hörnquist Åstrand
2d1c1063ef krb5_enctype_is_disabled is the same thing as krb5_enctype_valid, so 
use the later since its older and the api doesn't really need another
entry point


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14487 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-08 20:43:50 +00:00
Luke Howard
8dba6bea66 support for enctype negotiation 
(client sends EtypeList in Authenticator authz data)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14453 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-01-05 02:34:53 +00:00
Love Hörnquist Åstrand
69b55bfa0b use private version of principalname 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@14423 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-12-29 18:56:43 +00:00
Love Hörnquist Åstrand
91351971f7 add KRB5_LIB_FUNCTION to all exported functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13863 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-05-25 21:46:46 +00:00
Love Hörnquist Åstrand
1d8257ac92 (krb5_verify_ap_req2): clear the whole ticket, not just a pointer size of it 
From: Luke Howard <lukeh@padl.com>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13822 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2004-04-29 07:31:45 +00:00
Love Hörnquist Åstrand
f0e00bfd8d (krb5_verify_ap_req2): krb5_free_ticket free the ticket now, rewrite 
error handling to handle that


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13108 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-11-09 01:28:01 +00:00
Johan Danielsson
88e4f61f85 (krb5_decrypt_ticket): try to verify transited realms, unless the 
transited-policy-checked flag is set


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@13026 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-10-20 16:43:30 +00:00
Love Hörnquist Åstrand
97d37d8057 (krb5_rd_req): always free keyblock since its alway used 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12947 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-10-03 00:39:21 +00:00
Love Hörnquist Åstrand
29f526b115 (krb5_rd_req): if we have a keyblock in auth context, use that 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12914 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-23 10:43:50 +00:00
Love Hörnquist Åstrand
286019f6cd (krb5_rd_req): allow caller to pass in a key in the auth_context, they 
way processes that doesn't use the keytab can still pass in the key of
the service (matches behavior of MIT Kerberos).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12875 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-18 22:22:57 +00:00
Assar Westerlund
67934559ea (krb5_rd_req): use krb5_auth_con* functions and remove some comments 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10095 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-06-18 02:48:18 +00:00
Assar Westerlund
c9804d29c8 (krb5_verify_authenticator_checksum): use renamed 
krb5_auth_con_getauthenticator


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@10082 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-06-17 23:13:31 +00:00
Assar Westerlund
d27aa3b62e add some krb5_{set,clear}_error_string 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9937 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-05-14 06:14:52 +00:00
Assar Westerlund
fd1fa8bd77 (decrypt_authenticator): add an encryption `usage'. also try the old 
(and wrong) usage of KRB5_KU_AP_REQ_AUTH for backwards compatibility
(krb5_verify_ap_req2): new function for specifying the usage different
from the default (KRB5_KU_AP_REQ_AUTH)


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9199 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-11-15 23:16:28 +00:00
Assar Westerlund
20173f77c5 (krb5_decrypt_ticket): plug some memory leak 
(krb5_rd_req): try not to return an allocated auth_context on error


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9058 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-09-17 21:47:37 +00:00
Assar Westerlund
accdd87f82 check return value from krb5_crypto_init 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@8975 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-08-18 06:50:26 +00:00
Johan Danielsson
ba912b7548 check_transited 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7898 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-02-07 13:31:55 +00:00
Assar Westerlund
209565763c update to new prototype of krb5_timeofday 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7857 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-02-06 05:20:51 +00:00
Assar Westerlund
6e3c101b6c (get_key_from_keytab): rename parameter to `out_key' to avoid 
conflicting with label.  reported by Sean Doran <smd@ebone.net>


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7847 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-02-03 02:13:37 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Assar Westerlund
6cc3a89c55 (krb5_decrypt_ticket): add flags and 
KRB5_VERIFY_AP_REQ_IGNORE_INVALID for ignoring that the ticket is invalid


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6017 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-04-20 14:18:11 +00:00
Johan Danielsson
aaae186ab9 merge new-crypto branch 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@5332 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-02-11 21:03:59 +00:00
Johan Danielsson
4a82de96b1 Use krb5_decode_EncTicketPart, and krb5_decode_Authenticator. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4368 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-01-31 16:36:02 +00:00
Johan Danielsson
a99929c553 Use krb5_convert_etype. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4354 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1998-01-22 23:32:52 +00:00
Johan Danielsson
259d89264a changes for modified auth_context 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4156 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-12-07 15:43:18 +00:00
Assar Westerlund
45fd07a5a9 (krb5_rd_req): fixed obvious bug 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4073 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-29 06:16:53 +00:00
Johan Danielsson
99d169ba18 Use principal from ticket if no server is given. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@4046 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-20 01:55:04 +00:00
Johan Danielsson
5cc9270d81 Remove krb5_rd_req_with_keytab. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3926 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-11-11 04:16:09 +00:00