oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
28,314 Commits 2 Branches 2 Tags
27d7939d74392459741c6c99690b74f193c269c7
Commit Graph

28314 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Stefan Metzmacher
8c8a39b0b7 heimdal:lib/krb5: let build_logon_name() use KRB5_PRINCIPAL_UNPARSE_DISPLAY 
An ENTERPRISE principal should result in 'administrator@S4XDOM.BASE'
instead of 'administrator\@S4XDOM.BASE'.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11142
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-06-17 17:41:27 -05:00
Stefan Metzmacher
2e6318f09a heimdal:lib/krb5: allow enterprise principals in verify_logonname() 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11142
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
 2015-06-17 17:41:26 -05:00
Volker Lendecke
02616866e5 heimdal: Fix the developer O3 build 
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
 2015-06-17 17:41:26 -05:00
Andrew Bartlett
c450abd01a heimdal: Ensure that HDB_ERR_NOT_FOUND_HERE, critical for the RODC, is not overwritten 
This change ensures that our RODC will correctly proxy when asked to provide
a ticket for a service or user where the keys are not on this RODC.

Signed-off-by: Garming Sam <garming@catalyst.net.nz>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2015-06-17 17:41:26 -05:00
Günther Deschner
0f19fdec83 s4-heimdal: fix krb5_get_init_creds_opt_set_process_last_req(). 
Most probably just a copy/paste error.

Guenther

Signed-off-by: Günther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
 2015-06-17 17:41:26 -05:00
Santosh Kumar Pradhan
e5144acab0 heimdal: Use krb5_free_default_realm() for free() 
The resource allocated by krb5_default_default_realm() should be
free()'d by krb5_free_default_realm() instead of plain free()
for better readability.

Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
 2015-06-17 17:41:26 -05:00
Andrew Bartlett
324ac13b32 heimdal: remove checking of KDC PAC signature, delegate to wdc plugin 
The checking of the KDC signature is more complex than it looks, it may be of a different
enc type to that which the ticket is encrypted with, and may even be prefixed
with the RODC number.

This is better handled in the plugin which can easily look up the DB for the
correct key to verify this with, and can also quickly determine if this is
an interdomain trust, which we cannot verify the PAC for.

Andrew Bartlett
 2015-06-17 17:41:26 -05:00
Andrew Bartlett
5c8e3c6108 Fix shell syntax in COVERITY_SCAN_BRANCH test 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2015-06-17 17:41:25 -05:00
Andrew Bartlett
95256a6129 kdc: Preserve error code from Pre Authentication .validate hook 
This is required to ensure the client still gets errors like KRB5KDC_ERR_PREAUTH_FAILED, rather than
KRB5KDC_ERR_PREAUTH_REQUIRED, which become a confusing KRB5_GET_IN_TKT_LOOP.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-with: Garming Sam <garming@catalyst.net.nz>
Signed-off-by: Garming Sam <garming@catalyst.net.nz>
 2015-06-17 17:41:25 -05:00
Andrew Bartlett
960fa481be Add test for incorrect password 
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
 2015-06-17 17:41:25 -05:00
Sergio Gelato
50e2a5ce95 (patch) man page syntax errors 
A few fixes for syntax errors in man pages, as reported by lintian:

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2015-05-26 16:03:00 +02:00
Nicolas Williams
05a919b94b iprop slave: try incremental after complete xfer 
The following sequence of events results in slave B having a stale HDB:

 - slave A connects to master, master dumps HDB for the slave
 - kadm5 operations
 - slave B connects to master, master sends previously dumped HDB

slave B won't discover any updates until the next transaction.

The fix is simple: the slave should immediately call ihave() after
receiving a complete HDB.
 2015-05-20 10:07:52 -05:00
Nicolas Williams
4158ddbc25 Fix HDB rename/close order in iprop slave 2015-05-20 10:07:52 -05:00
Nicolas Williams
409501e5e4 Tolerate some time-travel by slaves 2015-05-20 10:07:51 -05:00
Nicolas Williams
854aaab182 iprop master: Don't ignore flock() result 2015-05-20 10:07:51 -05:00
Nicolas Williams
56b67ac2eb start-realm: don't write NUL 2015-05-20 10:07:51 -05:00
Jeffrey Altman
26c7affa70 roken: fix 0acef7729f 
Should have used -- instead of == in the prior commit.

Change-Id: I90f8886b754dda19970c6579ffa477634e8dc4a5
 2015-05-20 11:05:38 -04:00
Jeffrey Altman
0acef7729f roken: fix append_string "%.s" non-nul termination 
It should be possible to pass a format string of "%.s" to permit
a non-nul terminated string to be used as input.  The test of remaining
precision and the test for NUL needs to be reversed to permit this
behavior to function correctly.

Change-Id: I200f9c2886419dc4c3870f5f44bc10e81245f56c
 2015-05-20 10:27:12 -04:00
Love Hörnquist Åstrand
e51c2126e6 Merge pull request #128 from kiransj/patch-1 
Fix compilation error in dlfcn.h
 2015-04-30 00:25:30 -07:00
Kiran S J
a350c5265a Fix compilation error when in dlfcn.h 
When dlfcn.h is included from a C++ file causes a compilation error due to missing '{'.
 2015-04-30 12:30:28 +05:30
Love Hörnquist Åstrand
4c98e27eda call hdb_auth_status when password is wrong in the ENC-CHAL case too, thanks Andrew Bartlett for pointing this out 2015-04-28 08:54:24 -07:00
Love Hörnquist Åstrand
3d469d7386 Merge pull request #124 from Sp1l/master 
Fix build when OpenSSL has no EGD support
 2015-04-28 08:36:43 -07:00
Love Hörnquist Åstrand
532d1166fd remove always true condition 2015-04-28 08:20:39 -07:00
vdukhovni
beb187b9ac Merge pull request #127 from jelmer/typo-fixes 
Typo: enviroment -> environment.
 2015-04-25 13:58:46 -04:00
Jelmer Vernooij
9eb31585c0 Typo: enviroment -> environment. 2015-04-25 17:37:17 +00:00
Jeffrey Altman
832ee39994 YFS Coverity 11034 
Change-Id: I5037b7e6d804e6a61e02258927f06d24cc0b2051
 2015-04-21 22:18:09 -04:00
Jeffrey Altman
1e85577f93 YFS Coverity 11631 
Change-Id: I0848303e123ec07ac8c552c736510e7be2dd5598
 2015-04-21 21:59:42 -04:00
Jeffrey Altman
2de3d14937 YFS Coverity 11745 
Change-Id: I4172f81a187cf398c4538de36067ae19eb2534e3
 2015-04-21 21:57:23 -04:00
Jeffrey Altman
7b17e3015b YFS Coverity 11475 
Change-Id: I3b6cde99859979e5db866c3f707f194144251ee1
 2015-04-21 21:50:43 -04:00
Jeffrey Altman
afd946149f YFS Coverity 11738 
Change-Id: I553c310afbefb50521d90e0aa7121cae359ee311
 2015-04-21 21:47:48 -04:00
Jeffrey Altman
bcb92ceaa7 YFS Coverity 11694 
Change-Id: If43c93b8dc1088710a0cd48987cb9e69acb6ec23
 2015-04-21 21:22:15 -04:00
Jeffrey Altman
2b168c8be2 YFS Coverity 11525 
Change-Id: I1e0a33ee1ae1a61dbdecc731451852590aa3883c
 2015-04-21 21:14:54 -04:00
Bernard Spil
858480145b Refactor EGD conditional support 
As per Jeremy's request in #124
Windows does not define HAVE_RAND_EGD resulting in the same conditional
support for EGD.
 2015-04-21 10:04:08 +02:00
Nicolas Williams
8cdd54c997 coverity 1164162 2015-04-19 15:04:16 -05:00
Nicolas Williams
e8563aeae5 coverity 1164093 2015-04-19 14:39:10 -05:00
Nicolas Williams
41524590be fixup coverity 1164099 2015-04-19 14:03:59 -05:00
Nicolas Williams
e7b5efb103 coverity 1164091 2015-04-18 23:19:26 -05:00
Nicolas Williams
528b6d093c coverity 1164092 2015-04-18 23:19:25 -05:00
Nicolas Williams
0e524f3acb coverity 1164099 2015-04-18 23:19:25 -05:00
Nicolas Williams
e010254cc2 coverity 745495 2015-04-18 23:19:25 -05:00
Nicolas Williams
73c4db7269 coverity 745505 2015-04-18 23:19:25 -05:00
Nicolas Williams
b6e4d25d0d coverity 1164086 2015-04-18 23:19:24 -05:00
Love Hörnquist Åstrand
f1fca8be14 less make 2015-04-18 17:21:56 -07:00
Love Hörnquist Åstrand
a26007cebc (keychain_init): free ctx on error 2015-04-18 17:08:09 -07:00
Love Hörnquist Åstrand
9c4d304fb2 spelling 2015-04-18 15:51:15 -07:00
Love Hörnquist Åstrand
bab271854b go back to apt-get install 2015-04-18 15:36:34 -07:00
Love Hörnquist Åstrand
4b7600ebf0 spelling 2015-04-18 15:29:39 -07:00
Love Hörnquist Åstrand
4d40d1f578 use apt addon 2015-04-18 15:09:21 -07:00
Love Hörnquist Åstrand
7f03fe5d58 skip installing 2015-04-18 14:45:25 -07:00
Love Hörnquist Åstrand
76c29daad7 restructure 2015-04-18 14:19:48 -07:00