oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,916 Commits 2 Branches 2 Tags
3bebbe5323ef94219fe8baf43b0cc965836ff164
Commit Graph

48 Commits

Author SHA1 Message Date
Nicolas Williams
3bebbe5323 Fixes to make Heimdal -Wall -Werror clean 
These fixes make developer mode build, at least on Ubuntu.
 2011-11-02 21:42:08 -05:00
Love Hörnquist Åstrand
1124c4872d KVNOs are krb5uint32 in RFC4120, make it so 2011-07-24 14:23:45 -07:00
Nicolas Williams
c06d5ebfda Fixes to patches that add *use-strong* parameters. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00
Nicolas Williams
256cf6ea12 This patch adds support for a use-strongest-server-key krb5.conf kdc parameter that controls how the KDC (AS and TGS) selects a long-term key from a service principal's HDB entry. If TRUE the KDC picks the strongest supported key from the service principal's current keyset. If FALSE the KDC picks the first supported key from the service principal's current keyset. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Andrew Bartlett
10f9468f9d heimdal Return HDB_ERR_NOT_FOUND_HERE to the caller 
This means that no reply packet should be generated, but that instead
the user of the libkdc API should forward the packet to a real KDC,
that has a full database.

Andrew Bartlett

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-28 19:40:07 -08:00
Love Hornquist Astrand
4cdd645ff4 add backends implement hdb_fetch_kvno, use it 2010-11-28 11:35:41 -08:00
Andrew Bartlett
f469fc6d49 heimdal Add support for extracting a particular KVNO from the database 
This should allow master key rollover.

(but the real reason is to allow multiple krbtgt accounts, as used by
Active Directory to implement RODC support)

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
 2010-11-28 09:52:54 -08:00
Love Hornquist Astrand
dde9ae659b drop RCSID 2010-03-16 12:50:09 -07:00
Love Hornquist Astrand
aa292cd80b use krb5_get_error_message() 2009-11-03 23:51:11 -08:00
Love Hornquist Astrand
09f64eb7c5 Free ent on failure [CID-171] 2009-07-30 09:59:23 +02:00
Love Hörnquist Åstrand
ba04bad361 From Andrew Bartlet via heimdal-bugs@h5l.org 
s4:heimdal Allow KRB5_NT_ENTERPRISE names in all DB lookups

    The previous code only allowed an KRB5_NT_ENTERPRISE name (an e-mail
    list user principal name) in an AS-REQ.  Evidence from the wild
    (Win2k8 reportadely) indicates that this is instead valid for all
    types of requests.

    While this is now handled in heimdal/kdc/misc.c, a flag is now defined
    in Heimdal's hdb so that we can take over this handling in future (once we start
    using a system Heimdal, and if we find out there is more to be done
    here).

    Andrew

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25293 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-07-03 03:16:35 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
7fcd266fdd use krb5_set_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-23 04:32:32 +00:00
Love Hörnquist Åstrand
30a0cc5d6a (_kdc_db_fetch): set error string for failures. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21106 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-06-18 10:18:11 +00:00
Love Hörnquist Åstrand
647c78fdc2 indent. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17951 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-28 14:41:49 +00:00
Love Hörnquist Åstrand
3ffb120454 (_kdc_get_preferred_key): new function, Use the order list of 
preferred encryption types and sort the available keys and return the
most preferred key.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17907 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-24 08:40:56 +00:00
Love Hörnquist Åstrand
599d3cf216 Change _kdc_db_fetch() to return the database pointer too if needed by 
the consumer.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17904 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-08-23 11:45:16 +00:00
Love Hörnquist Åstrand
5c9982831b pass down HDB_F_GET_ flags as appropriate 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17316 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:33:21 +00:00
Love Hörnquist Åstrand
83d3254750 (_kdc_db_fetch): Break out the that we request from principal from the 
entry and pass it in as a seprate argument.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17308 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-27 11:05:25 +00:00
Love Hörnquist Åstrand
6d3861991a (_kdc_db_fetch): use calloc to allocate the entry, from Andrew Bartlet. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16420 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-01-01 23:17:16 +00:00
Love Hörnquist Åstrand
0c2369acd0 Wrap hdb_entry with hdb_entry_ex, patch originally from Andrew Bartlet 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16378 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-12-12 12:40:12 +00:00
Love Hörnquist Åstrand
7a3fc5e663 Don't pollute namespace, generate public headerfile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15532 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:54:49 +00:00
Love Hörnquist Åstrand
7132a9b084 Merge in the libkdc/kdc configuration split from Andrew Bartlet <abartlet@samba.org> 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15529 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-06-30 01:03:35 +00:00
Love Hörnquist Åstrand
0540f13b86 prefix all struct HDB elements with hdb_ 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@12880 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2003-09-19 00:25:35 +00:00
Assar Westerlund
4f287022ce (db_fetch): return better error code 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9615 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-30 03:54:21 +00:00
Assar Westerlund
ddb37f32c6 (db_fetch): HDB_ERR_NOENTRY makes more sense than ENOENT 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9614 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-30 03:27:09 +00:00
Assar Westerlund
03056efa09 (db_fetch): return an error code. change callers to look at this and 
try to print it in log messages


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9598 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2001-01-30 01:43:07 +00:00
Assar Westerlund
2032126e34 (db_fetch): check malloc 
(free_ent): new function


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@9030 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2000-09-10 14:13:51 +00:00
Johan Danielsson
c5b916ca6f remove advertising clause 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7464 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-12-02 17:05:13 +00:00
Johan Danielsson
53e2cee457 update for multi-database code 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@7335 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-11-09 18:04:03 +00:00
Johan Danielsson
0f9491fda4 add flags to fetch 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@6107 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1999-05-03 17:22:05 +00:00
Assar Westerlund
a0252085bc removed seal and unsealing functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3630 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-10-16 04:24:51 +00:00
Johan Danielsson
7aae890bf5 use new master key functions 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3369 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-09-03 20:15:08 +00:00
Johan Danielsson
fccad9f3ab Pass `database' to hdb_open. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3295 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-30 19:33:09 +00:00
Johan Danielsson
b57500fe40 use hdb_unseal_key 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2842 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-09 00:18:01 +00:00
Johan Danielsson
a0464f4b20 Make context global. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2701 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-04 18:20:36 +00:00
Johan Danielsson
584eb44cb9 Pass context to kdc_log. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2664 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-08-01 14:47:43 +00:00
Johan Danielsson
1b6b414c80 New functions set_master_key, unseal_key and free_key. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2597 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-24 07:41:44 +00:00
Johan Danielsson
58716deb97 Don't free principal. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2578 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-24 04:44:15 +00:00
Assar Westerlund
5b96029642 leak a little bit less memory 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2562 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-23 23:06:05 +00:00
Johan Danielsson
70923893dd Use ALLOC. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2522 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-23 02:09:20 +00:00
Assar Westerlund
c50ac57aee check result of hdb_open 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2432 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-18 15:33:35 +00:00
Johan Danielsson
5a32a5c8e7 Add copyright notice. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2389 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 21:40:05 +00:00
Johan Danielsson
b2e14e1b91 Make db_fetch take a krb5_principal. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2347 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-16 01:23:45 +00:00
Johan Danielsson
e1caece009 Update to reality. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2112 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-07-09 05:34:32 +00:00
Johan Danielsson
96f3cac1da Split into more files. Add support for TCP. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1848 ec53bebd-3082-4978-b11e-865c3cabbd6b
 1997-06-07 17:35:53 +00:00