oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
30,043 Commits 2 Branches 2 Tags
0e8c4ccc6ee0123ea39e53e8917fc3f6bb74e8c8
Commit Graph

66 Commits

Author SHA1 Message Date
Luke Howard
0e8c4ccc6e hdb: eliminate hdb_entry_ex 
Remove hdb_entry_ex and revert to the original design of hdb_entry (except with
an additional context member in hdb_entry which is managed by the free_entry
method in HDB).
 2022-01-15 18:54:57 +11:00
Luke Howard
c5551775e2 hdb: decorate HDB_entry with context member 
Decorate HDB_entry with context and move free_entry callback into HDB structure
itself. Requires updating hdb_free_entry() signature to include HDB parameter.
A follow-up commit will consolidate hdb_entry_ex (which has a single hdb_entry
member) into hdb_entry.
 2022-01-15 18:54:57 +11:00
Nicolas Williams
cf2bab411d kdc: Fix warnings 2022-01-14 17:59:49 -06:00
Luke Howard
fd3f463152 kdc: map KRB5_PROG_SUMTYPE_NOSUPP to KRB5KDC_ERR_SUMTYPE_NOSUPP 
RFC4120 says KRB5KDC_ERR_SUMTYPE_NOSUPP should be returned if the KDC does not
support a given checksum type. Return this instead of KRB5_PROG_SUMTYPE_NOSUPP
by introducing a new wrapper function, _kdc_verify_checksum().
 2021-09-21 18:17:00 +10:00
Roland C. Dowdeswell
c7d4682aed Define log levels in docs and change default to 0-3. 
We define the meaning of the various log levels in the man page
for krb5_openlog(3).  If logging configured and levels are not
specified, we change the default levels to 0-3 which should exclude
debugging messages which are generally only desired in exceptional
circumstances.

We also go through the KDC and adjust the levels to be appropriate.
 2019-10-21 13:43:01 +01:00
Nicolas Williams
b4cf4de807 Fix warnings (clang 3.6) 2016-02-26 01:04:31 -06:00
Love Hornquist Astrand
1d84562886 add HDBGET: that only supports get, iteration doesnt really make sense for the HDB keytab except when dumping 2013-10-15 12:40:39 +02:00
Love Hornquist Astrand
060474df16 quel 64bit warnings, fixup implicit encoding for template, fix spelling 2013-06-03 21:46:20 -07:00
Roland C. Dowdeswell
cc47c8fa7b Turn on -Wextra -Wno-sign-compare -Wno-unused-paramter and fix issues. 
We turn on a few extra warnings and fix the fallout that occurs
when building with --enable-developer.  Note that we get different
warnings on different machines and so this will be a work in
progress.  So far, we have built on NetBSD/amd64 5.99.64 (which
uses gcc 4.5.3) and Ubuntu 10.04.3 LTS (which uses gcc 4.4.3).

Notably, we fixed

	1.  a lot of missing structure initialisers,

	2.  unchecked return values for functions that glibc
	    marks as __attribute__((warn-unused-result)),

	3.  made minor modifications to slc and asn1_compile
	    which can generate code which generates warnings,
	    and

	4.  a few stragglers here and there.

We turned off the extended warnings for many programs in appl/ as
they are nearing the end of their useful lifetime, e.g.  rsh, rcp,
popper, ftp and telnet.

Interestingly, glibc's strncmp() macro needed to be worked around
whereas the function calls did not.

We have not yet tried this on 32 bit platforms, so there will be
a few more warnings when we do.
 2012-02-20 19:45:41 +00:00
Nicolas Williams
c9609cdb37 Initial patch for dealing with AD x-realm key rollover 
AD issues x-realm TGTs with kvno 0.  On key x-realm trust key change
    we need to be able to try current and previous keys for trust, else
    we will have some failures.
 2011-11-15 21:53:33 -06:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Andrew Bartlett
f469fc6d49 heimdal Add support for extracting a particular KVNO from the database 
This should allow master key rollover.

(but the real reason is to allow multiple krbtgt accounts, as used by
Active Directory to implement RODC support)

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-28 09:52:54 -08:00
Love Hornquist Astrand
984dd76fda switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:15:06 -07:00
Love Hornquist Astrand
ec01d69f73 switch to use EVP interface instead of old crypto interface 2009-08-17 10:45:21 +02:00
Love Hornquist Astrand
c57fcae29a switch to use EVP interface instead of old MDX_ style interface 2009-08-16 20:35:40 +02:00
Love Hornquist Astrand
729a13a985 switch to use EVP interface instead of old MDX_ style interface 2009-08-16 20:10:41 +02:00
Love Hornquist Astrand
4378f084ef Switch to EVP_MD digest 2009-08-16 11:58:03 +02:00
Love Hörnquist Åstrand
44e0556a12 make compie 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24423 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:41:38 +00:00
Love Hörnquist Åstrand
f8e4039ea3 make digest and kx509 optional 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24409 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-01-25 00:39:26 +00:00
Love Hörnquist Åstrand
d179f1dee5 plug memory leak 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24162 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:10:19 +00:00
Love Hörnquist Åstrand
70536920bb plug memory leak 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24161 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:10:09 +00:00
Love Hörnquist Åstrand
1bcabc9f49 dont double free on error cid#155 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24100 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 04:59:38 +00:00
Love Hörnquist Åstrand
dd22b9cdde switch to krb5_clear_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23914 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-14 02:56:17 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
7fcd266fdd use krb5_set_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-23 04:32:32 +00:00
Love Hörnquist Åstrand
8eafb063b6 Log probe message, add NTLM_TARGET_DOMAIN to the type2 message. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22374 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-28 18:36:52 +00:00
Love Hörnquist Åstrand
0db626f9e3 Implement supportedMechs request. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22151 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-12-04 19:58:55 +00:00
Love Hörnquist Åstrand
73ba3c2493 Use unsigned char * as argument to MD5_Update to please OpenSSL and gcc. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21606 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-17 07:03:25 +00:00
Love Hörnquist Åstrand
27425a5654 Try harder to provide better error message for digest messages. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21398 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-02 17:17:14 +00:00
Love Hörnquist Åstrand
cd291596a6 On success, print username, not ip-adress. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21389 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-28 09:03:03 +00:00
Love Hörnquist Åstrand
a0320981ed Return an error message instead of dropping the packet for more 
failure cases.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21241 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-20 11:30:19 +00:00
Love Hörnquist Åstrand
4b3ea33a6a Factor out fetching of password and move it to the code that uses 
it. This code would not hurt by factoring out some more code...


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21181 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-19 20:52:29 +00:00
Love Hörnquist Åstrand
50f2521922 Remove printing of ntlmv2 hash, was running wrong version of the kdc. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21114 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 13:17:23 +00:00
Love Hörnquist Åstrand
2ee2c22b2e More logging for ntlm v2 digest hash mismatch case. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21112 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 12:59:12 +00:00
Love Hörnquist Åstrand
f48ceb510e (digest ntlm): provide log entires by setting ret to an error. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20877 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-04 04:07:26 +00:00
Love Hörnquist Åstrand
4ac442a884 Remove debug output. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20149 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-03 07:06:24 +00:00
Love Hörnquist Åstrand
3bb7b20169 Fix ms-chap-v2 get_masterkey 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20144 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 22:26:38 +00:00
Love Hörnquist Åstrand
e4d855f06d Fix ms-chap-v2 mutual response auth code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20143 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 22:15:52 +00:00
Love Hörnquist Åstrand
1290d1bb74 Add get_master from RFC 3079 3.4 for MS-CHAP-V2 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20140 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 21:27:21 +00:00
Love Hörnquist Åstrand
3ce495d26e Use right size, from Klas Lindfors. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20133 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 20:51:37 +00:00
Love Hörnquist Åstrand
01ad941e9b First version from kllin. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20131 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-02 20:48:23 +00:00
Love Hörnquist Åstrand
abcd0e9de6 Better logging and return status = FALSE when checksum doesn't match. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20120 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 20:28:49 +00:00
Love Hörnquist Åstrand
0fdc34167b Check the digest response in the KDC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20118 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 20:19:53 +00:00
Love Hörnquist Åstrand
e786c4d432 Add support for MS-CHAP v2. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20114 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-01 18:15:56 +00:00
Love Hörnquist Åstrand
b097b3a816 don't verify identifier in CHAP, its the client that chooses it. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20087 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-31 12:21:21 +00:00
Love Hörnquist Åstrand
837f65e1e9 Remove <digest_asn.h>, its already included in headers.h 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19538 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-28 17:03:51 +00:00
Love Hörnquist Åstrand
98e01a4744 Return session key for the NTLMv2 case too 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19533 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-28 14:40:46 +00:00
Love Hörnquist Åstrand
fb1c8392d1 Prefix internal symbol with _kdc_. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19507 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-26 17:18:14 +00:00