Commit Graph

1949 Commits

Author SHA1 Message Date
Love Hornquist Astrand
bff407bc9a add context to gss_context_query_attributes() 2009-11-22 12:30:24 -08:00
Love Hornquist Astrand
aa7f658e16 add more depencies 2009-11-21 23:09:50 -08:00
Love Hornquist Astrand
ab1b87b557 drop RCSID 2009-11-14 11:15:57 -08:00
Love Hornquist Astrand
de0102fa0c drop RCSID 2009-11-14 11:14:56 -08:00
Love Hornquist Astrand
a4881ea0d6 [HEIMDAL-646] malloc(0) checks for AIX 2009-10-11 18:04:43 -07:00
Love Hornquist Astrand
75a61b8842 krb5_build_authenticator is private 2009-10-05 22:09:23 -07:00
Love Hornquist Astrand
a132ffe757 Simplify krb5_build_authenticator and unexport 2009-10-05 19:52:28 -07:00
Love Hornquist Astrand
9e13b309d9 use krb5_make_principal 2009-10-04 11:29:43 -07:00
Love Hornquist Astrand
13d580409a Set default realm, makes test pass for hosts w/o default realm 2009-09-19 13:58:00 -07:00
Love Hornquist Astrand
914417c5c8 Remove unused structure 2009-09-19 13:55:34 -07:00
Stefan Metzmacher
103cc941eb gssapi/krb5: set cred_handle in _gsskrb5_import_cred
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-09-18 14:29:50 -07:00
Love Hornquist Astrand
3d7488398a abstract out depenecy tracking for tools 2009-09-16 05:40:55 -07:00
Love Hornquist Astrand
dc4e8669ea Abstract out asn1_compile and slc 2009-09-16 00:12:13 -07:00
Love Hornquist Astrand
d890db78a8 Drop RCSID 2009-09-10 09:06:18 -07:00
Love Hornquist Astrand
a0b4f918a8 doxygen 2009-09-10 09:03:43 -07:00
Love Hornquist Astrand
16b4ddcf14 document gss_release_cred 2009-09-06 12:18:14 -07:00
Love Hornquist Astrand
0d60a7d0ae implement gss-wrap-iov and friends 2009-08-29 09:04:53 -07:00
Love Hornquist Astrand
c81b66aa0c init gm_flags for dynamic modules 2009-08-29 08:53:16 -07:00
Love Hornquist Astrand
8f376895ae drop export symbol 2009-08-29 08:51:00 -07:00
Stefan Metzmacher
2f1a370cd3 hack for gss-wrap-iov to it work
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-28 13:31:12 -07:00
Love Hornquist Astrand
f030b4e59a free context 2009-08-27 18:30:29 -07:00
Love Hornquist Astrand
9a4e91b1de don't reset handle twice 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
74538fc2af Plug memory leak in prf function 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
6c3f3fafa3 Don't leak kerberos credentials when trying dns canon 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
45cfe3f971 Fix server context client context order to match callee 2009-08-27 18:30:28 -07:00
Love Hornquist Astrand
1999c85670 Make mech glue layer aware of composite mechs that uses mech glue layer credentials
This make it possible to use krb5/ntlm credentials with SPNEGO.
Needs some more work to avoid double fetching credentials.
2009-08-27 12:12:44 -07:00
Love Hornquist Astrand
32ee735d73 drop RCSID 2009-08-26 23:15:35 -07:00
Love Hornquist Astrand
a2820df666 spelling 2009-08-26 22:53:38 -07:00
Love Hornquist Astrand
d18cdee577 don't reset EC 2009-08-26 22:52:26 -07:00
Love Hornquist Astrand
ebb2e72c61 make error message more unique 2009-08-26 22:43:25 -07:00
Love Hornquist Astrand
022e7d4319 Return unwrapped delegated credentials if the actual mech is not the called mech
Assumes that pseudo mechs are are of how mechglue credentails look like and
return credentials like that.

Pointed out on krbdev by Nicolas Williams
2009-08-26 22:32:50 -07:00
Love Hornquist Astrand
559103b218 if not trailer set, init EC to 0 2009-08-26 21:40:07 -07:00
Stefan Metzmacher
03998aeccb gsskrb5: fix test_context. after gss_wrap_iov changes
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
40a6abd116 gsskrb5: make the check for dcestyle and conf_req_flag == 0 more explicit
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
560cb0c132 gsskrb5: fix ec and padding handling in _gssapi_unwrap_cfx_iov()
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
76f0fb9170 gsskrb5: fix ec and padding handling in _gssapi_wrap_cfx_iov()
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
f286dd5d64 gsskrb5: fix _gssapi_wrap_iov_length_cfx() - there's more than just krb5 overhead...
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
1a0423fd3d gsskrb5: make _gk_allocate_buffer() non static
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:38 -07:00
Stefan Metzmacher
60725fd2f5 gsskrb5: add _gk_verify_buffers()
metze

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
2009-08-25 23:34:37 -07:00
Love Hornquist Astrand
9ccc79c5b6 Don't leak context if nsi_probe failes
Deduced from valgrind log produced by Markus Moeller
2009-08-22 10:52:22 -07:00
Love Hornquist Astrand
6618ca5ffc switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:22:49 -07:00
Love Hornquist Astrand
56f90c5b19 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:28 -07:00
Love Hornquist Astrand
f465930be7 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:19 -07:00
Love Hornquist Astrand
dfd40e4403 switch to EVP_MD_CTX_create() and thus make smaller 2009-08-21 07:16:09 -07:00
Love Hornquist Astrand
03cb3aa56b use EVP_MD_CTX_create 2009-08-20 17:13:09 -07:00
Love Hornquist Astrand
88d55a1d06 Make compile for weak crypto global (HEIM_WEAK_CRYPTO) and use it for GSSAPI too 2009-08-17 18:06:42 +02:00
Love Hornquist Astrand
fc702a97f5 switch to use EVP interface instead of old crypto interface 2009-08-17 17:30:59 +02:00
Love Hornquist Astrand
62433c844c switch to use EVP interface instead of old crypto interface 2009-08-17 16:02:45 +02:00
Love Hornquist Astrand
fcfa32b0b9 Use constant time memcmp 2009-08-17 12:04:51 +02:00
Love Hornquist Astrand
42cec58cb4 switch to use EVP interface instead of old crypto interface 2009-08-17 11:43:24 +02:00