Commit Graph

855 Commits

Author SHA1 Message Date
Love Hornquist Astrand
5bac96d338 add NO_WRITE_SUPPORT 2010-07-21 08:29:16 -07:00
Love Hornquist Astrand
05e836e7c6 add data-mkey.mit.des3.be and data-mkey.mit.des3.le 2010-05-26 14:37:26 -05:00
Love Hornquist Astrand
d631443133 Support both BE and LE MIT master key file formats
Prompted by discussion on heimdal-discuss by Michael Wood, Russ Allbery,
and Henry B. Hotz.
2010-05-22 13:16:52 -07:00
Love Hornquist Astrand
dd34c02329 spelling, from Tollef Fog Heen via Brian May of Debian 2010-04-11 16:36:15 -07:00
Love Hornquist Astrand
83e2a17c0f document more assumptions about hdb_rename 2010-03-21 14:56:57 -07:00
Love Hornquist Astrand
d837f736f8 Make locking work when doing rename, rename assume db in not ->hdb_open'ed. 2010-03-21 14:55:36 -07:00
Love Hornquist Astrand
48504c5771 [Heimdal-704] export encode_Key/length_Key, from Jan Rekorajski 2010-01-04 13:14:11 +01:00
Love Hornquist Astrand
6a7810d12f Export initialize_hdb_error_table_r and free_Salt, requested by Jelmer Vernooij in Debian bug #56275 2010-01-02 17:53:57 +01:00
Asanka Herath
a0ae9f5a0e Merge remote branch 'h-github/master' into win32-port2
* h-github/master: (64 commits)
  refix socket wrappers with rk_
  Patch from Secure Endpoints/Asanka Herath for windows support
  unset KRB5CCNAME
  its really just LIBADD more most of them
  correct quoting
  Use -lpthread for modern freebsd instead
  clean KRB5CCNAME and KRB5_CONFIG, require test to reset them
  more up ${env_setup}
  use PTHREADS_LIBADD for freebsd6 and newer
  add PTHREAD_LIBADD
  add PTHREAD_LIBADD
  add PTHREAD_LIBADD
  switch to PTHREADS_LIBADD
  log what the error string say too
  More debug logging
  sprinkle more 'echo "test failed"'
  sprinkle 'echo "test failed"'
  use calloc(), indent more prettier
  in sh, equal compare is really = for strings, not ==
  Check for duplicates, already loaded mechs
  ...

Conflicts (resolved):
	lib/krb5/auth_context.c
	lib/krb5/changepw.c
	lib/krb5/context.c
	lib/krb5/error_string.c
	lib/krb5/kuserok.c
	lib/krb5/libkrb5-exports.def.in
	lib/krb5/net_write.c
	lib/krb5/store_fd.c
	lib/krb5/test_cc.c
	lib/roken/strerror_r.c
2009-12-21 13:44:00 -05:00
Love Hornquist Astrand
c867fd3e2e Make libtool pull in the depenency on libldap
Put in explicy depenency on libdap so that libtool
might to the right thing for us.

Patch from Jan Rekorajski
2009-12-08 00:15:10 -08:00
Asanka Herath
b7fe2d3647 (lib/hdb) Add missing dependencies to NTMakefile 2009-12-01 01:51:08 -05:00
Gabor Gombas
75a53f54fc the MIT DB code is between "#if HAVE_DB1... #endif"
use the same check in the descriptor table

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-11-25 05:10:29 -08:00
Asanka Herath
caf8f87598 Make hdb build on windows
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-11-24 21:59:12 -08:00
Love Hornquist Astrand
c6bbdb545b First drop of Windows build infrastructure from Secure Endpoints 2009-11-24 12:12:53 -08:00
Love Hornquist Astrand
bf3b753298 less warnings 2009-11-22 14:37:45 -08:00
Love Hornquist Astrand
5813b0a4dd default master key version is 1 2009-11-22 12:53:56 -08:00
Love Hornquist Astrand
df69397c4a add hdb-mitdb.c 2009-11-22 12:53:16 -08:00
Love Hornquist Astrand
89b14e91c2 backend to read the MIT Kerberos databse file directly 2009-11-22 12:52:57 -08:00
Love Hornquist Astrand
7b42f760b8 add _hdb_keytab2hdb_entry 2009-11-22 12:52:08 -08:00
Love Hornquist Astrand
daa2048fd8 simplify? 2009-11-22 12:51:52 -08:00
Love Hornquist Astrand
4dc9ccf0cb add new database backends 2009-11-22 12:49:13 -08:00
Love Hornquist Astrand
570414c12c add hdb-keytab.c 2009-11-22 12:35:26 -08:00
Love Hornquist Astrand
a059382f79 why a large database, lets run the hdb out of the keytab 2009-11-22 12:34:40 -08:00
Love Hornquist Astrand
70835f3119 add hdb_get_realms 2009-11-22 06:34:29 -08:00
Love Hornquist Astrand
0510f7e0cd add more depencies 2009-11-21 23:14:20 -08:00
Love Hornquist Astrand
8ec686805b expose decode_Key 2009-11-17 13:10:04 -08:00
Love Hornquist Astrand
069acd2188 sort 2009-11-17 13:09:12 -08:00
Love Hornquist Astrand
610737fe90 don't shadow variables, from Matthias Wallnöfer 2009-10-21 20:23:19 -07:00
Andrew Bartlett
6243038c9f s4:heimdal A real fix for bug 6801
The issue was that we would free the entry after the database, not
knowing that the entry was a talloc child of the database.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-10-13 21:44:22 -07:00
Love Hornquist Astrand
39a751d6fb expose hdb_interface_version 2009-10-13 09:35:39 -07:00
Love Hornquist Astrand
d36402a671 Don't assume ldap_bv2escaped_filter_value() is exported 2009-10-11 11:17:56 -07:00
Love Hornquist Astrand
ff87429593 Make LDAP code fetch less attributes from LDAP server when KDC is asking
Johan Gadsjö did a awesome analysis of the LDAP access pattens
and sent us a patch that reduced the calls the ldap server by 4
times as many. The patch was adopted and change to avoid compile
time depencies and make the determination runtime instead. Thanks!
2009-10-03 13:20:41 -07:00
Love Hornquist Astrand
3d7488398a abstract out depenecy tracking for tools 2009-09-16 05:40:55 -07:00
Love Hornquist Astrand
dc4e8669ea Abstract out asn1_compile and slc 2009-09-16 00:12:13 -07:00
Love Hornquist Astrand
8e8c155c50 Make example sane and make LDAP style backends work (slight better)
Fix the format example, parse the string backward to take of the
master key before passing the database name down into the HDB backend
layer.
2009-09-12 17:26:10 -07:00
Love Hornquist Astrand
36ea29599d there is no database 2009-09-12 16:48:51 -07:00
Love Hornquist Astrand
df00111aaf Don't try to print NULL, solaris printf wont have it
Reported in [HEIMDAL-635] by John Center
2009-09-03 09:16:37 -07:00
Love Hornquist Astrand
929559ab2c Switch to using krb5_config_get_list() instead of krb5_config_get() 2009-08-19 04:02:25 -07:00
Love Hornquist Astrand
c8175f83a3 drop __FUNCTION__ 2009-08-15 05:57:07 +02:00
Love Hornquist Astrand
0a92381e98 clean better 2009-08-06 10:19:28 +02:00
Andrew Bartlett
f8c121b282 Add support for user principal names in certificates [HEIMDAL-602]
This extends the PKINIT code in Heimdal to ask the HDB layer if the
User Principal Name name in the certificate is an alias (perhaps just
by case change) of the name given in the AS-REQ.  (This was a TODO in
the Heimdal KDC)

The testsuite is extended to test this behaviour, and the other PKINIT
certficate (using the standard method to specify a principal name in a
certificate) is updated to use a Administrator (not administrator).
(This fixes the kinit test).
2009-08-04 09:34:58 +02:00
Love Hornquist Astrand
e6c2a70678 Indent some more 2009-08-03 12:10:07 +02:00
Love Hornquist Astrand
b2129c0751 Indent the patch from Andrew and make it compile again 2009-08-03 10:54:44 +02:00
Love Hornquist Astrand
ada7c73176 Indent the patch from Andrew and make it compile again 2009-08-03 10:50:50 +02:00
Love Hornquist Astrand
788480d28a heimdal Extend the 'hdb as a keytab' code [HEIMDAL-600]
This extends the hdb_keytab code to allow enumeration of all the keys.

The plan is to allow ktutil's copy command to copy from Samba4's
hdb_samba4 into a file-based keytab used in wireshark.

From Andrew Bartlett
2009-08-03 10:43:22 +02:00
Love Hornquist Astrand
311ce98d85 (hdb_sqlite_rename): make rename work when there is a prefix 2009-07-19 18:42:02 -07:00
Love Hornquist Astrand
bd073cfd72 Limit maxinum retries of BUSY/BLOCK/LOCKED operations to MAX_RETRIES (default 10) 2009-07-19 18:01:51 -07:00
Love Hornquist Astrand
82150be255 allow loading sqlite 2009-07-19 17:58:53 -07:00
Love Hörnquist Åstrand
6a24e13678 Use hdb_get_dbinfo() to find the realms.
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25326 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-07-15 22:17:30 +00:00
Love Hörnquist Åstrand
d3f16452e0 make compile
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25320 ec53bebd-3082-4978-b11e-865c3cabbd6b
2009-07-05 05:20:10 +00:00