oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,060 Commits 2 Branches 2 Tags
29603ecb161b4e7db0e80cb15d1ac3873a93adf0
Commit Graph

1429 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
fb086a0312 Adapt to the new sigature of _kdc_find_keys(). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17906 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 08:33:53 +00:00
Love Hörnquist Åstrand
c97d034ed3 Handle session key etype separately from the tgt etype, now the krbtgt 
can be a aes-only key without the need to support not-as-good etypes
for the krbtgt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17905 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 08:33:09 +00:00
Love Hörnquist Åstrand
599d3cf216 Change _kdc_db_fetch() to return the database pointer too if needed by 
the consumer.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17904 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-23 11:45:16 +00:00
Love Hörnquist Åstrand
615106f750 (_kdc_pk_check_client): make it not crash when there are no acl 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17831 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:37:58 +00:00
Love Hörnquist Åstrand
fea203a708 (_kdc_pk_check_client): use the acl in the kerberos database 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17830 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:32:45 +00:00
Love Hörnquist Åstrand
ce5ef410ee (tgs_build_reply): when checking for removed principals, check the 
second component of the krbtgt, otherwise cross realm wont work.
Prompted by report from Mattias Amnefelt.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17806 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-06 15:38:31 +00:00
Love Hörnquist Åstrand
5f62c460c3 (handle_vanilla_tcp): use unsigned integer for for length( 
(handle_tcp): if the high bit it set in the unknown case, send back a
KRB_ERR_FIELD_TOOLONG


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17798 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-05 12:00:16 +00:00
Love Hörnquist Åstrand
45067d5a62 Use enable_v4_per_principal and check the new hdb flag. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17647 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-14 18:27:28 +00:00
Love Hörnquist Åstrand
8e6754870a Add enable_v4_per_principal 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17646 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-14 18:26:18 +00:00
Love Hörnquist Åstrand
0f10ba4f2b (_kdc_as_rep): if kdc_time + config->kdc_warn_pwexpire is past pw_end, 
add expiration message. From Bernard Antoine.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17643 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-12 21:42:01 +00:00
Love Hörnquist Åstrand
c69e1634dc (krb5_kdc_default_config): set kdc_warn_pwexpire to 0 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17642 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-12 21:35:22 +00:00
Love Hörnquist Åstrand
12b46a7841 indent. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17641 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-12 21:31:23 +00:00
Love Hörnquist Åstrand
372b23bf06 constify 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17634 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-07 06:03:34 +00:00
Love Hörnquist Åstrand
fb9ab0b9d9 (tgs_build_reply): add constrained delegation. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17625 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-06 16:35:26 +00:00
Love Hörnquist Åstrand
a060a07f20 Add impersonation. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17622 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-06 15:07:46 +00:00
Love Hörnquist Åstrand
049a354efd (do_request): clean reply with krb5_data_zero 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17604 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 17:52:09 +00:00
Love Hörnquist Åstrand
e030c0d5e1 Split up the reverse cross krbtgt check and local clien must exists test. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17603 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 17:43:03 +00:00
Love Hörnquist Åstrand
23478bc157 Plug old memory leaks, unify all goto's. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17602 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 16:40:14 +00:00
Love Hörnquist Åstrand
cb7d1402f1 Split tgs_rep2 into tgs_parse_request and tgs_build_reply. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17600 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 13:17:42 +00:00
Love Hörnquist Åstrand
b0a3fd3a9c Add krb5tgs.c 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17599 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 11:19:59 +00:00
Love Hörnquist Åstrand
379d35fc8f split out krb5 tgs req to make it easier to reorganize the code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17598 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 11:15:20 +00:00
Love Hörnquist Åstrand
1d2a17eca0 (tgs_rep2): check for memory alloc failure 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17597 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-06-01 10:55:28 +00:00
Love Hörnquist Åstrand
4c970b550e Avoid shadowing. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17579 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-13 21:22:55 +00:00
Love Hörnquist Åstrand
eeb100abe7 Don't call DH_check_pubkey, it doesn't exists in older OpenSSL. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17489 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-06 13:22:33 +00:00
Love Hörnquist Åstrand
652da91adb Rename u_intXX_t to uintXX_t 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17447 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-05 10:52:01 +00:00
Love Hörnquist Åstrand
30c1b8e531 Use the new unsigned integer storage types. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17429 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-04 09:51:22 +00:00
Love Hörnquist Åstrand
8faf263b83 Use the new unsigned integer storage types. Sprinkle some error handling. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17428 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-04 09:50:56 +00:00
Love Hörnquist Åstrand
b5cc2fa7aa (krb5_kdc_configuration): add pkinit_kdc_ocsp_file 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17413 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-03 12:03:29 +00:00
Love Hörnquist Åstrand
a276f37c56 read [kdc]pki-kdc-ocsp 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17412 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-03 12:02:55 +00:00
Love Hörnquist Åstrand
044719a5bd (_kdc_pk_mk_pa_reply): send back ocsp response if it seems to be 
valid, simplfy the pkinit-windows DH case (it doesn't exists).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17410 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-02 14:04:34 +00:00
Love Hörnquist Åstrand
36b923f56a (_kdc_pk_check_client): reorganize and make log when a SAN matches. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17348 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-29 14:30:01 +00:00
Love Hörnquist Åstrand
76ee5cb311 (tgs_rep2): check that the client exists in the kerberos database if 
its local request.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17317 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 12:01:09 +00:00
Love Hörnquist Åstrand
5c9982831b pass down HDB_F_GET_ flags as appropriate 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:33:21 +00:00
Love Hörnquist Åstrand
357ca89f2d (_kdc_db_fetch4): pass down flags though krb5_425_conv_principal_ext2 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17315 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:32:13 +00:00
Love Hörnquist Åstrand
83d3254750 (_kdc_db_fetch): Break out the that we request from principal from the 
entry and pass it in as a seprate argument.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17308 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:05:25 +00:00
Love Hörnquist Åstrand
61be59e8c7 make compile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:53:52 +00:00
Love Hörnquist Åstrand
459f0648f1 Add option [kdc]pki-allow-proxy-certificate=bool to allow using proxy certificate. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17287 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:42:48 +00:00
Love Hörnquist Åstrand
d7bc1efbc8 (_kdc_pk_check_client): Use hx509_cert_get_base_subject to get subject 
name of the certificate, needed for proxy certificates.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17285 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:36:22 +00:00
Love Hörnquist Åstrand
f591c22c1f Now that find_keys speaks for it self, remove extra logging. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17265 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 15:27:25 +00:00
Love Hörnquist Åstrand
f9d85a2590 (find_keys): add client_name and server_name argument and use them, 
and adapt callers.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17264 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 15:22:57 +00:00
Love Hörnquist Åstrand
2edcff9efa Catch the case where the client sends no encryption types or no pa-types. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17232 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-25 12:23:04 +00:00
Love Hörnquist Åstrand
313fa917d5 Adapt to change in hx509_cms_create_signed_1. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-22 12:10:16 +00:00
Love Hörnquist Åstrand
1b73708904 (_kdc_pk_rd_padata): use hx509_cms_unwrap_ContentInfo. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17117 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 19:55:09 +00:00
Love Hörnquist Åstrand
538658a4e5 unbreak 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17113 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 18:17:16 +00:00
Love Hörnquist Åstrand
2ad7b45365 Handle diffrences between libhcrypto and libcrypto. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17111 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 18:15:48 +00:00
Love Hörnquist Åstrand
45fd105a52 Rename pki-chain to pki-pool to match rest of code. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17106 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 17:00:18 +00:00
Love Hörnquist Åstrand
6815452550 Added certificate revoke information from configuration file. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17054 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-12 13:21:46 +00:00
Love Hörnquist Åstrand
1082824558 (v4_prop_dump): close FILE handle f when done. 
Fixes Coverity NetBSD CID#1956


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17023 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-09 17:41:47 +00:00
Love Hörnquist Åstrand
8f297fdb5c (_kdc_do_524): Handle memory allocation failure 
Coverity, NetBSD CID#2752


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17015 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-07 22:12:28 +00:00
Love Hörnquist Åstrand
5800a9f897 (main): make sure type doesn't need to be set 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17012 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-07 21:41:14 +00:00