oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,279 Commits 2 Branches 2 Tags
2bcacbd052cb88d7fa850798ce30a00442b87c64
Commit Graph

26279 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Love Hornquist Astrand
6cdf8104f7 do is deprecated, so lets stop using it 2010-10-02 12:05:41 -07:00
Love Hornquist Astrand
0789271ebb indent, return error code 2010-10-02 11:59:53 -07:00
Andrew Bartlett
7ea9ccf737 heimdal: added verbose logging of hemimdal crypto errors 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:56:26 -07:00
Andrew Bartlett
c434086ba0 Add error code to use when a secret is not in this database 
This will happen on an RODC, which has the entry, but not the full
secret.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:52:28 -07:00
Andrew Bartlett
1d09e39d45 Don't segfault when in --one-file mode 
The problem is that on Linux, fclose() of a NULL pointer segfaults

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:51:42 -07:00
Buck Huppmann
799956e9b7 Check if we should enable weak crypto before parsing enctypes list 
This since the enctypes lists doesn't include weak crypto alg in the
resulting list.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-10-02 11:28:20 -07:00
Love Hornquist Astrand
0d64a7830b 1.5 items 2010-10-02 10:54:03 -07:00
Love Hornquist Astrand
6beb058640 Handle picky windows RODC servers 2010-10-01 17:49:05 -07:00
Patrik Lundin
d5e4619738 Fix order of arguments given to memchr(). 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-30 21:30:33 -07:00
Love Hornquist Astrand
3128a7a416 SHA384 2010-09-30 18:36:58 -07:00
Love Hornquist Astrand
b206aeb016 SHA384 2010-09-30 18:22:00 -07:00
Love Hornquist Astrand
1b48afda47 add sha512 2010-09-30 01:04:19 -07:00
Love Hornquist Astrand
9dbcb98f84 clue in sha512 in rsa signature 2010-09-30 01:00:42 -07:00
Love Hornquist Astrand
1072afd6bf Andrew Bartlet pointed out that the patch was incomplete, update and write doxygen. 2010-09-30 00:44:35 -07:00
Love Hornquist Astrand
6699b5e59a get padding size right 2010-09-30 00:20:52 -07:00
Love Hornquist Astrand
42727fc891 glue in sha512 2010-09-30 00:18:03 -07:00
Love Hornquist Astrand
150f1401d1 Add SHA512 2010-09-30 00:08:48 -07:00
Love Hornquist Astrand
b32651c830 SHA512 support 2010-09-29 23:41:15 -07:00
Love Hornquist Astrand
5fc132d888 add _der_gmtime, use and test it 2010-09-29 13:32:39 -07:00
Love Hornquist Astrand
f454f45fbf If the hostname contains a dot, assumes it's a FQAN and don't use 
search domains since that might be painfully slow when machine is
disconnected from that network.

Found by Tridge
 2010-09-28 22:37:01 -07:00
Love Hornquist Astrand
5410614330 free more bn that was allocated 2010-09-28 22:12:20 -07:00
Love Hornquist Astrand
97d939d9af don't allocate n twice, indent 2010-09-28 22:08:00 -07:00
Andrew Bartlett
76266ab5ac s4:heimdal Create a new PAC when impersonating a user with S4U2Self 
If we don't do this, the PAC is given for the machine accout, not the
account being impersonated.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:15:18 -07:00
Karolin Seeger
035106be97 s4-krb5: Fix typos in comment. 
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:12:09 -07:00
Andrew Bartlett
0e128912af s4:heimdal Add hooks to check with the DB before we allow s4u2self 
This allows us to resolve multiple forms of a name, allowing for
example machine$@REALM to get an S4U2Self ticket for
host/machine@REALM.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:11:05 -07:00
Karolin Seeger
77a6204452 s4-heimdal: Fix typo in comment. 
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:08:28 -07:00
Karolin Seeger
260e19ac09 s4-heimdal: Fix typo in comment. 
Karolin

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-26 15:06:58 -07:00
Love Hornquist Astrand
07e7cdd4f0 Support PADDING_NONE for encryption too 2010-09-23 11:11:00 -07:00
Love Hornquist Astrand
74e46d59c1 add back hx509_crypto_allow_weak 2010-09-22 15:00:13 -07:00
Love Hornquist Astrand
6f328a9194 add padding support via hx509_crypto_set_padding 2010-09-22 14:41:17 -07:00
Love Hornquist Astrand
2f9f212980 remove unused header file 2010-09-19 01:47:32 -07:00
Love Hornquist Astrand
686f2abe61 x 2010-09-19 01:14:07 -07:00
Love Hornquist Astrand
b5bc5c1d84 add PTHREAD_LIBADD 2010-09-19 00:55:36 -07:00
Love Hornquist Astrand
84f6409923 Move to a plugin cache, contributed from Secure Endpoints 2010-09-18 23:37:06 -07:00
Asanka C. Herath
cad554ad3d Generalize MSLSA ccache type to a plug-in based ccache type 2010-09-18 23:50:38 -04:00
Asanka C. Herath
a4be8fcd7e Windows: Add missing export for libhcrypto-exports.def 2010-09-18 23:41:53 -04:00
Love Hornquist Astrand
fea391eb96 remove prefix zeros 2010-09-18 14:45:33 -07:00
Love Hornquist Astrand
8668bfaefc less brokenness 2010-09-18 11:55:59 -07:00
Love Hornquist Astrand
8de6bccd50 add validate.obj 2010-09-18 11:33:09 -07:00
Simon Wilkinson
75df9577e7 Uses unsigned ints for lengths 
EVP_BytesToKey uses min() on a mixture of signed and unsigned
paramters. To avoid compiler warnings, use unsigned int for all
of the iv and key lengths in this function.

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-18 11:30:06 -07:00
Love Hornquist Astrand
9907781fa3 make address a full adress 2010-09-18 11:26:09 -07:00
Anton Lundin
057f139f6a Fix to build on aix. 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-17 12:21:58 -07:00
Anton Lundin
61bfc2997b Fix testing when compiled with --disable-afs-support 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-17 12:21:39 -07:00
Love Hornquist Astrand
4328f3980f make addresses not use compression in the middle since diffrent 
inet_ntop have diffrent way to format them
 2010-09-17 12:20:29 -07:00
Anton Lundin
eac56da073 Rename struct to not clash with aix header sys/proc.h 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-16 22:47:27 -07:00
Anton Lundin
46a4a64dfe ifdef away code to be able to build with --disable-krb4 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-16 22:47:14 -07:00
Love Hornquist Astrand
0bfd697f62 use krb5_unparse_name instead of krb5_unparse_name_short since that doesnt fail. From Zdenek Hatas 2010-09-16 20:59:35 -07:00
Love Hornquist Astrand
cf925c82b8 typecase to avoid warning 2010-09-15 22:47:52 -07:00
Love Hornquist Astrand
6a57e6a784 make test pass 2010-09-15 21:57:48 -07:00
Guillaume Rousse
bf208183dc add version-script.map to distributed files 
Signed-off-by: Guillaume Rousse <Guillaume.Rousse@inria.fr>
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-09-15 20:06:24 -07:00