Love Hornquist Astrand
a66a23bb45
Apply old patch from me that handles client's behind NAT
...
Tested by Harald Barth and bugfix by Ragnar Sundblad
2011-12-15 22:00:00 -08:00
Love Hornquist Astrand
b6f3ca6712
add heim_show, sort lines
2011-12-15 21:51:06 -08:00
Love Hornquist Astrand
8e1b58e923
move function pointer to last argument
2011-12-15 21:48:33 -08:00
Love Hornquist Astrand
b780dddb9b
add show
2011-12-15 21:48:20 -08:00
Love Hornquist Astrand
d05e64b967
move function pointer to last argument
2011-12-15 21:48:09 -08:00
Love Hornquist Astrand
8deda7a299
add show, move function pointer to last argument
2011-12-15 21:47:56 -08:00
Love Hornquist Astrand
9cfc014a66
name KRB5_PLUGIN_KUSEROK "kuserok-plugin"
2011-12-15 21:46:43 -08:00
Nicolas Williams
dd05873d0c
Fix regression in ASN.1 int type generation
...
The 64-bit integer support changed the logic for deciding when an
INTEGER should map to a signed or unsigned 32- or 64-bit integer
type. The upshot is that two places where we had {0, INT_MAX}
ranges needed to be changed to be {0, UINT_MAX}.
We need to tweak the integer type mapping logic to have a bias for
unsigned integer types. Unsigned is better.
2011-12-15 14:37:09 -06:00
Nicolas Williams
4630ef1bdc
Fix kuserok.c:check_owner_file(), make tests/kdc/check-authz run
2011-12-14 18:01:35 -06:00
Love Hornquist Astrand
fb26e41d06
to utf8
2011-12-14 08:46:05 -08:00
Love Hornquist Astrand
477738a80d
try w/o FAST if the KDC doesnt seem to handle it
2011-12-14 08:46:05 -08:00
Love Hörnquist Åstrand
2be0f1a1a4
check that we don't use negative size for arrays
2011-12-13 21:52:05 -08:00
Love Hörnquist Åstrand
2a551314a6
don't use negative size
2011-12-13 21:51:48 -08:00
Nicolas Williams
a222521e68
64-bit build fixes for ASN.1 compiler 64-bit integer support
2011-12-13 13:03:57 -06:00
Love Hornquist Astrand
449fb4775e
check length of TESTuint64
2011-12-12 23:13:56 -08:00
Love Hornquist Astrand
80fd2959b9
check length of TESTuint64
2011-12-12 23:13:47 -08:00
Love Hornquist Astrand
9a4f8c3da7
add missing dependency
2011-12-12 23:11:21 -08:00
Love Hornquist Astrand
b91258ccdc
better naming
2011-12-12 22:49:25 -08:00
Love Hornquist Astrand
a11ca3cb1b
add rk_getpwnam_r
2011-12-12 21:55:06 -08:00
Love Hornquist Astrand
d453899462
split user and dir, use rk_getpwnam_r
2011-12-12 21:53:41 -08:00
Love Hornquist Astrand
167084b3e7
ident
2011-12-12 21:28:52 -08:00
Love Hornquist Astrand
54ce0a776c
re-encode as utf8
2011-12-12 21:26:52 -08:00
Nicolas Williams
19d378f44d
Add 64-bit integer support to ASN.1 compiler
...
ASN.1 INTEGERs will now compile to C int64_t or uint64_t, depending
on whether the constraint ranges include numbers that cannot be
represented in 32-bit ints and whether they include negative
numbers.
Template backend support included. check-template is now built with
--template, so we know we're testing it.
Tests included.
2011-12-12 20:01:20 -06:00
Andrew Bartlett
0e7437ba2e
HEIMDAL: Supply krb5_context to _krb5_internal_hmac to allow logging
...
Without this, log messages from any abort are not printed to
the samba logs.
Andrew Bartlett
Signed-off-by: Love Hornquist Astrand <lha@h5l.org >
2011-12-11 21:45:15 -08:00
Love Hornquist Astrand
c4d97ae93e
encode result code with right length, pointed out by Rangar Sundblad, thanks!
2011-12-11 18:22:29 -08:00
Love Hornquist Astrand
2eb0d6ec82
dont entrust sprintf to encode binary packets
2011-12-11 18:08:05 -08:00
Nicolas Williams
35e28dcd5d
Fix incomplete sentence in krb5.conf.5
2011-12-10 14:27:46 -06:00
Nicolas Williams
27ba7a5982
Address code review comments (use .Xr and .Pa macros in krb5.conf.5)
2011-12-10 14:06:16 -06:00
Nicolas Williams
e00b43a94b
Address code review comments (k5login/foo in EXTRA_DIST)
2011-12-10 14:06:15 -06:00
Nicolas Williams
3109770484
Address code review comments (use _krb5_homedir_access())
2011-12-10 14:06:09 -06:00
Nicolas Williams
8e04b6dce2
Address code review comments (use krb5_enomem())
2011-12-10 14:05:35 -06:00
Nicolas Williams
abd065be02
Add a test for krb5_kuserok()
2011-12-08 13:34:02 -06:00
Nicolas Williams
b9f8e6d956
Add DENY rule for krb5_kuserok() and update manpage
2011-12-08 13:34:02 -06:00
Nicolas Williams
8e63cff2cc
Document krb5_kuserok() configuration parameters
2011-12-08 13:34:01 -06:00
Nicolas Williams
ad7e54d698
Generalize token expansion to allow for context-specific tokens
2011-12-08 13:33:37 -06:00
Nicolas Williams
6aec02f979
Make krb5_kuserok() pluggable and add features (including MIT config compat)
2011-12-08 13:33:36 -06:00
Nicolas Williams
cfe7f6312a
Improve _krb5_plugin_run_f()
2011-12-08 13:33:36 -06:00
Love Hörnquist Åstrand
b8c710a130
some more status
2011-12-03 13:36:39 -08:00
Love Hörnquist Åstrand
0e6bd29e44
use right directory
2011-12-03 13:36:32 -08:00
Love Hörnquist Åstrand
01884ebf2f
fix argument order
2011-12-03 13:24:15 -08:00
Love Hörnquist Åstrand
fdeb7b2318
fix sizeof
2011-12-03 13:02:28 -08:00
Nicolas Williams
89bae59b49
Fix error clobbering bug and code review comments
2011-12-02 01:04:22 -06:00
Nicolas Williams
da14596f0e
Add a test for aname2lname
2011-12-02 01:03:31 -06:00
Nicolas Williams
f468ed4759
Make krb5_aname_to_localname() use the libheimbase binary search functions
2011-12-02 01:03:08 -06:00
Nicolas Williams
659c761213
Add private text file binary search API to libheimbase
2011-12-02 01:02:44 -06:00
Nicolas Williams
aea02876e7
Initial aname2lname plugin patch based on code from Love
...
Included is a default plugin that searches a sorted text file where
every line is of the form:
<unparsed-principal>[<whitespace><username>]
If the username is missing in a matching line then an error is
returned. If a matching line is not found then the next plugin will
be allowed to run, if any.
2011-12-02 00:58:26 -06:00
Nicolas Williams
d0abcebf80
Make _krb5_plugin_run_f() use krb5_plugin_register()ed plugins too
2011-12-02 00:58:26 -06:00
Love Hörnquist Åstrand
58329bc1a0
__HEIM_OCTET_STRING__
2011-11-30 00:35:51 -08:00
Love Hörnquist Åstrand
32aef60c6c
__HEIM_OCTET_STRING__
2011-11-30 00:34:50 -08:00
Love Hörnquist Åstrand
206b22c9f5
add data object
2011-11-29 23:40:28 -08:00
