oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,683 Commits 2 Branches 2 Tags
014f16883c7c911b2804fb081e885e0571528e85
Commit Graph

102 Commits

Author SHA1 Message Date
Nicolas Williams
e6d1c10808 Rewrite gss_add_cred() (fix #413) 
It turns out gss_add_cred() really needed a complete rewrite.  It's much
better to first have a gss_duplicate_cred() (which has been needed for
other reasons anyways), and use that when the input_cred_handle is not
GSS_C_NO_CREDENTIAL and output_cred_handle is not NULL, then mutate that
duplicate credential handle (or the input_cred_handle if
output_cred_handle is NULL).
 2018-12-28 19:26:25 -06:00
Luke Howard
4a93c4774a gss: intern OIDs (#447) 
Intern OIDs so that gss_release_oid() can be a NOOP.
 2018-12-18 23:28:38 -06:00
Daria Phoebe Brashear
b12e01035c gss: _locl.h files should include local copy of -private.h files 
apparently some versions of heimdal installed mech private headers.
don't inadvertantly end up with it in your path from a previous version
 2018-04-19 13:12:59 -04:00
Nicolas Williams
7dfad1ab0b Use secure_getenv() instead of issuid() 2017-04-17 18:02:30 -04:00
Nicolas Williams
52a562a3a4 Misc fixes (coverity) 2016-11-18 22:21:45 -06:00
Nicolas Williams
774f166e31 First attempt s/\<const gss_.*_t/gss_const_.*_t/g 2013-06-02 15:30:58 -05:00
Love Hornquist Astrand
617f4b7bd5 use the exteral delete sec context that will locked the mutex 2013-04-29 11:08:46 -07:00
Roland C. Dowdeswell
cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues. 
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
 2012-02-20 19:45:41 +00:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
9b07f0e847 Include <heimbase.h>. 2011-05-17 21:21:07 -07:00
Love Hornquist Astrand
b01fe66069 Use right variable with comparing lengths. Patch orignally from Jaideep Padhye 2011-05-17 21:17:59 -07:00
Jeffrey Altman
6850d6a65f avoid uninit variable and unreachable code warnings 
most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.

Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8
 2011-05-17 12:02:16 -04:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Love Hornquist Astrand
5dcf0753f4 fill in all mo that make sense for now 2010-11-25 23:52:43 -08:00
Love Hornquist Astrand
6ca842c5b7 gss_indicate_mechs_by_attrs 2010-11-25 21:40:25 -08:00
Asanka Herath
5dcc605f6b Fix calling conventions for Windows 2010-08-20 13:14:10 -04:00
Love Hornquist Astrand
1021099f3d rename external so that they can be included in array and struct initializer 2010-07-22 20:47:04 -07:00
Love Hornquist Astrand
2b1645aa08 catch error from as.*printf 2010-05-30 13:44:41 -07:00
Asanka Herath
b1063ea8fc Initial Windows port 2009-11-24 10:11:14 -08:00
Love Hornquist Astrand
de0102fa0c drop RCSID 2009-11-14 11:14:56 -08:00
Love Hornquist Astrand
0d60a7d0ae implement gss-wrap-iov and friends 2009-08-29 09:04:53 -07:00
Love Hornquist Astrand
9a4e91b1de don't reset handle twice 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
1999c85670 Make mech glue layer aware of composite mechs that uses mech glue layer credentials 
This make it possible to use krb5/ntlm credentials with SPNEGO.
Needs some more work to avoid double fetching credentials.
 2009-08-27 12:12:44 -07:00
Love Hornquist Astrand
022e7d4319 Return unwrapped delegated credentials if the actual mech is not the called mech 
Assumes that pseudo mechs are are of how mechglue credentails look like and
return credentials like that.

Pointed out on krbdev by Nicolas Williams
 2009-08-26 22:32:50 -07:00
Love Hornquist Astrand
fa502c6648 Add support for gss_{import,export}_cred() as requested by metze 
Works for krb5 and SPNEGO mechanisms. Kerberos credentials are passed as
credential cache names, or if there are memory based credentials, inband in the protocol. This means that the credentials buffers must be keep secret.

As documented by IBM (they have the wrong prototype though)
and GGF (GSS-API Extensions) back in 2001
 2009-07-29 13:36:02 +02:00
Love Hörnquist Åstrand
8eb14db155 remove unused variable 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25323 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-07-15 22:16:21 +00:00
Love Hörnquist Åstrand
90ac3afd08 hostname is not_defined_in_RFC4178@please_ignore 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25291 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-06-28 21:12:38 +00:00
Love Hörnquist Åstrand
65adbffd77 handle error 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24877 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-27 03:34:54 +00:00
Love Hörnquist Åstrand
44db677898 add missing file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24758 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-16 19:14:30 +00:00
Love Hörnquist Åstrand
a5d7a1ad04 Drop sign/seal functions (version 1 of the interface). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24744 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-02-16 19:11:51 +00:00
Love Hörnquist Åstrand
269a7a057b flatten include headers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24382 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:35:00 +00:00
Love Hörnquist Åstrand
e9d32a0ac5 Use asn1 decoder now that it can handle CHOICE 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24187 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-15 04:30:02 +00:00
Love Hörnquist Åstrand
f106a2aff9 release mechs when done, cid#75 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24137 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:06:03 +00:00
Love Hörnquist Åstrand
b35c56fff6 check for value of get_mic, not that is a pointer. cid#141 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24109 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:01:10 +00:00
Love Hörnquist Åstrand
0e01d8fa11 check for value of get_mic, not that is a pointer. cid#141 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24108 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:01:00 +00:00
Love Hörnquist Åstrand
dc5e4b8033 try handle gss_import_name() better, its not really perfect, its breaks spengo inquire_names_for_mech, but that less common.... 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24026 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-11-12 04:18:15 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
f462f342a0 don't bother setting verify_mic if its not used after this. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23499 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-08-11 09:59:49 +00:00
Love Hörnquist Åstrand
ef70ee1c5a Add back "mech/utils.h", its needed for oid/buffer functions. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23161 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-05-05 09:56:20 +00:00
Love Hörnquist Åstrand
fc518d9fca Changes from doug barton to make spnego indepedant of the heimdal version of the plugin system. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23158 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-05-02 09:45:28 +00:00
Love Hörnquist Åstrand
784ffbfa6a Make delegated credentials delegated directly, Oleg Sharoiko pointed out that it always didnt work with the old code. Also add som missing cred and context pass-thou functions in the SPNEGO layer 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22688 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-16 11:33:58 +00:00
Love Hörnquist Åstrand
2b90d952c6 (_gss_spnego_inquire_context): make work, based on patch from Ryan Sleevi. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22604 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-21 21:12:48 +00:00
Love Hörnquist Åstrand
3673482a9b make the SPNEGO mech store the error itself instead, works for everything except other stackable mechs 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22600 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-21 12:46:24 +00:00
Love Hörnquist Åstrand
c2bc1d4b03 (spnego_reply): if the reply token was of length 0, make it the same 
as no token. Pointed out by Zeqing Xia.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22598 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-18 18:19:51 +00:00
Love Hörnquist Åstrand
b53c90da08 Make error reporting somewhat more correct for SPNEGO. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22569 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-02-03 18:20:24 +00:00
Love Hörnquist Åstrand
f282936479 drop file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22400 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-01-11 14:28:13 +00:00
Love Hörnquist Åstrand
39ad4a364f (_gss_spnego_internal_delete_sec_context): release ctx->target_name too 
From Rafal Malinowski.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21866 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-08-08 11:31:29 +00:00
Love Hörnquist Åstrand
05e5153afc Make compile again. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21461 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-10 14:01:13 +00:00
Love Hörnquist Åstrand
f3842471ec remove checks that are done by the previous function. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21459 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-10 13:23:14 +00:00