oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,005 Commits 2 Branches 2 Tags
005a43da963d44948e131e8e74030851973bb7cc
Commit Graph

30005 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nicolas Williams
9269a4428a Add missing KRB-FX-CF2 test vectors (3DES broken) 
Note that this shows that the our KRB-FX-CF2 is broken as to 3DES (and
the 1DES PRF is still missing).
 2014-03-16 02:19:35 -05:00
Viktor Dukhovni
ae2df333cd More complete logging of capths violations 
It is much easier (i.e. actually possible) to debug transit path policy
violations when the logs specify the client and server realms, not just
the transit realm.
 2014-03-15 00:04:20 -04:00
Nicolas Williams
c9f65fc942 env KRB5CCNAME=/tmp/foocc kinit ignores the env 
The problem is that fcc_get_cache_next() is called in a context where
context->default_cc_name is not set.  We should call
krb5_cc_default_name(), and that fixes the problem.  There's a comment
warning that this can result in reentering krb5_cc_cache_match(), but
nothing in libkrb5 calls krb5_cc_cache_match(), so the comment is wrong,
at least in the github tree.

An alternative would be to call krb5_cc_set_default_name(NULL) in
kuser/kinit.c before calling krb5_cc_cache_match(), however, that seems
like an insufficiently general solution.  Also, the semantics of
krb5_cc_cache_match() would differ from MIT's -- it seems better to
match MIT's semantics.
 2014-03-13 00:38:48 -05:00
Viktor Dukhovni
46e0bd3c68 Use P-256 for EC tests 
Fedora/RedHat OpenSSL supports only P-256, P-384 and P-521.

The new mkcert.sh script can create updated certs when these
expire on Jan 17th 2038.
 2014-03-12 21:18:03 -04:00
Jeffrey Altman
6bfcd13506 Windows: add usleep() to roken 
Add a version of usleep() which is capable of sleeping in one
millisecond increments instead of microseconds.

Change-Id: I173f7e6f91a947cdb66f7cc6df5520e1c03f10b7
 2014-02-23 23:24:48 -05:00
Love Hörnquist Åstrand
1a616b0faf update copyright year 2014-02-18 08:34:32 -08:00
Love Hörnquist Åstrand
62b413b5df make quiet 2014-02-18 08:27:00 -08:00
Love Hörnquist Åstrand
a6e136c739 make quiet 2014-02-18 08:27:00 -08:00
Love Hörnquist Åstrand
f00a60e75c Merge pull request #64 from ktdreyer/openpty 
roken: don't ignore HAVE_OPENPTY on linux
 2014-02-17 15:29:34 -08:00
Love Hörnquist Åstrand
a332248e3b Merge pull request #65 from ktdreyer/gitignore-base64 
ignore lib/base/base64.c in Git
 2014-02-17 15:29:00 -08:00
Ken Dreyer
f8753adb64 ignore lib/base/base64.c in Git 
lib/base/base64.c is an auto-generated file. Add it to the list in
.gitignore
 2014-02-17 14:49:28 -07:00
Ken Dreyer
d0b70a463c roken: don't ignore HAVE_OPENPTY on linux 
openpty() is not available on all Linux distributions. Trust autoconf's
determination for HAVE_OPENPTY instead of unconditionally using
openpty() on all Linux.
 2014-02-17 14:40:33 -07:00
Love Hörnquist Åstrand
ea446ec1fd Merge pull request #62 from ktdreyer/rm-old-makefile-references 
remove reference to pop3, telnet and rsh Makefiles
 2014-02-17 12:33:41 -08:00
Love Hörnquist Åstrand
d8e347f04b Merge pull request #63 from ktdreyer/endif-cross 
Properly terminate ifdef conditional in krb5-types.h
 2014-02-17 12:33:21 -08:00
Ken Dreyer
10a7fb0bfa Properly terminate ifdef conditional in krb5-types.h 2014-02-17 13:25:16 -07:00
Ken Dreyer
505cdbefc2 remove reference to pop3, telnet and rsh Makefiles 
The pop3, telnet and rsh/rcp support was removed from the tree in
e55b0d0ca5. Delete the corresponding
Makefiles so autoconf doesn't try to look for them.
 2014-02-17 11:53:57 -07:00
Love Hörnquist Åstrand
514d4d3ef4 remove extra _ 2014-02-16 21:50:03 -08:00
Jeffrey Altman
f3d9d4119e export hx509_ca_tbs_set_signature_algorithm 
hx509_ca_tbs_set_signature_algorithm was added by commit
c69c4634ad.  It must be exported
for use by hxtool on Windows.

Change-Id: I14b927abde96814ae2e0a90f232ab00915a9f29e
 2014-02-16 21:01:57 -05:00
Love Hörnquist Åstrand
6a192f0dce clean files 2014-02-16 11:53:56 -08:00
Love Hörnquist Åstrand
dbf523a15d clean files 2014-02-16 11:52:22 -08:00
Love Hörnquist Åstrand
4fa77ebb03 clean files 2014-02-16 11:51:56 -08:00
Love Hörnquist Åstrand
923246a66e clean files 2014-02-16 11:51:25 -08:00
Love Hörnquist Åstrand
dffccabe31 clean files 2014-02-16 11:50:43 -08:00
Love Hörnquist Åstrand
1503257983 clean files 2014-02-16 11:50:34 -08:00
Love Hörnquist Åstrand
1223428b85 add missing files, sort stuff 2014-02-16 11:47:27 -08:00
Love Hörnquist Åstrand
03f75e380f set CODE_SIGN_IDENTITY when building 2014-02-16 11:45:13 -08:00
Love Hörnquist Åstrand
f074a81c0c code sign all binaries when we can 2014-02-16 11:35:19 -08:00
Love Hörnquist Åstrand
08e4d21bcf extra dist and clean better 2014-02-16 10:05:43 -08:00
Love Hörnquist Åstrand
54378de6b4 add an2ln-db.txt 2014-02-16 10:05:24 -08:00
Love Hörnquist Åstrand
bc0109489e include noinst_HEADERS 2014-02-16 10:04:56 -08:00
Love Hörnquist Åstrand
9c560f8443 use noinst_HEADERS for login-protos.h 2014-02-16 10:04:49 -08:00
Love Hörnquist Åstrand
c78ca069f1 use noinst_HEADERS for kcm-protos.h 2014-02-16 09:16:25 -08:00
Love Hörnquist Åstrand
4fb41b50cf use noinst_HEADERS for kdc-private.h 2014-02-16 09:16:18 -08:00
Love Hörnquist Åstrand
314927691c use noinst_HEADERS for krb5-private.h 2014-02-16 09:16:05 -08:00
Love Hörnquist Åstrand
4d39bae8bb use noinst_HEADERS for hdb-private.h 2014-02-16 09:15:53 -08:00
Love Hörnquist Åstrand
762a72d650 use noinst_HEADERS for hx509-private.h 2014-02-16 09:15:48 -08:00
Love Hörnquist Åstrand
bf4a1f88de add kuserok_plugin.h 2014-02-16 09:15:44 -08:00
Love Hörnquist Åstrand
cae2e6f168 include hx509-private.h 2014-02-16 09:15:39 -08:00
Love Hörnquist Åstrand
e507f48d24 more roken rename 2014-02-16 09:15:32 -08:00
Love Hörnquist Åstrand
c39652f323 x 2014-02-16 09:15:26 -08:00
Love Hörnquist Åstrand
e55b0d0ca5 delete POP3, telnet and rsh/rcp support 2014-02-16 09:14:19 -08:00
Love Hörnquist Åstrand
444f9e6568 copy news from release branch 2014-02-16 08:10:09 -08:00
Jeffrey Altman
20aaa7c37a verify_krb5_conf: add missing entries 
Change-Id: I45761e046801fcdb101b82b081a7b1fe65d882ee
 2014-02-14 23:41:09 -05:00
Jeffrey Altman
8676b27b26 verify_krb5_conf: sort entries, remove duplicates 
Change-Id: I23dc60b4c48bcf08ed9ad687ee792366b25db3d7
 2014-02-14 23:41:08 -05:00
Love Hörnquist Åstrand
01dbfac96f fix warnings 2014-02-14 19:45:46 -08:00
Love Hörnquist Åstrand
f2e69c9c62 make hdb plugin test pass 2014-02-14 19:36:36 -08:00
Jeffrey Altman
c07aaee128 krb5_get_name_canon_rules: fix profile location 
[realms] <realm> { name_canon_rules = <strings> }

not

[libdefaults] <realm> { name_canon_rules = <strings> }

Change-Id: I770c2250333d2649f983f015de94f30740c9771d
 2014-02-14 22:32:15 -05:00
Love Hörnquist Åstrand
6d57bb6a4a quiet warnings 2014-02-14 19:26:20 -08:00
Love Hörnquist Åstrand
c69c4634ad allow setting signature algorithm 2014-02-12 09:46:02 -08:00
Jeffrey Altman
e37d66486c Merge pull request #59 from chewi/master 
Fix roken-h-process.pl
 2014-02-11 20:44:59 -08:00