oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
26,473 Commits 2 Branches 2 Tags
40a53bae5f4732fc5ac152b83a94e22ddccf7f02
Commit Graph

170 Commits

Author SHA1 Message Date
Love Hornquist Astrand
0879b9831a remove trailing whitespace 2011-05-21 11:57:31 -07:00
Jeffrey Altman
6850d6a65f avoid uninit variable and unreachable code warnings 
most of these warnings are not problems because of ample
use of abort() calls.  However, the large number of warnings
makes it difficult to identify real problems.  Initialize
the variables to shut up the compilers.

Change-Id: I8477c11b17c7b6a7d9074c721fdd2d7303b186a8
 2011-05-17 12:02:16 -04:00
Love Hornquist Astrand
f5f9014c90 Warning fixes from Christos Zoulas 
- shadowed variables
- signed/unsigned confusion
- const lossage
- incomplete structure initializations
- unused code
 2011-04-29 20:25:05 -07:00
Love Hornquist Astrand
42f9c644cf Also try key usage 8 for tgs-rep subkey 
If the is Windows 2000 DC, we need to retry with key usage 8 when doing ARCFOUR.

Thanks to Andrew and Tridge that helped me debug this using their systems.
 2010-11-29 11:19:24 -08:00
Love Hornquist Astrand
c6d0dea6be remove dup prototype, fix the ok_as_delegate protocol 2010-11-25 11:21:05 -08:00
Asanka C. Herath
35ac353f73 Add forward declaration of get_cred_kdc_capth() 2010-11-24 15:33:14 -05:00
Love Hornquist Astrand
6184422fef compare the value of the client realm now that it might not be the same pointer 
fixes the check-delegate test that the new direct hop patch broke
 2010-11-01 13:46:56 -07:00
Love Hornquist Astrand
a16f7ea0ab add missing 
prototype
 2010-10-31 01:09:24 -07:00
Asanka C. Herath
a73d30e619 get_cred_kdc_capath() always try direct cross-realm first 2010-10-31 01:04:27 -07:00
Asanka Herath
5dcc605f6b Fix calling conventions for Windows 2010-08-20 13:14:10 -04:00
Love Hornquist Astrand
4a6a9d026b Plug double frees, patch orignally from Matthias Dieter Wallnöfer 2010-06-29 08:12:55 -07:00
Love Hornquist Astrand
03262460dd use krb5_principal_is_krbtgt 2010-03-07 01:01:32 -08:00
Love Hornquist Astrand
687db64c56 Patch from Secure Endpoints/Asanka Herath for windows support 2009-12-21 08:45:28 +01:00
Love Hornquist Astrand
dab6e078b2 more logging, track kdc offset better 2009-11-22 12:24:58 -08:00
Love Hornquist Astrand
ae56d6eede unused variable 2009-11-17 15:51:41 -08:00
Love Hornquist Astrand
316fc6ff8f Simplify subkey usage for tgs-req, don't rewrite tgs-rep-sub-key keyuage for arcfour, its correct 2009-11-15 21:31:25 -08:00
Love Hornquist Astrand
977acdd84d Always send subkey and assume reply is encrypted using subkey 2009-10-11 09:12:01 -07:00
Love Hornquist Astrand
8e08aa0a15 Use krb5_free_keyblock() 2009-10-11 08:45:51 -07:00
Love Hornquist Astrand
57b40643b9 use server name for referral decision 2009-10-06 07:38:29 -07:00
Love Hornquist Astrand
6d1d17efed don't canonicalize names that are short then 2 name element 
Since KDC will probably guess wrong on them, and doing
afs@CLIENT-REALM have too large change of actually working.
 2009-10-05 22:07:47 -07:00
Love Hornquist Astrand
753e2cc925 Check that enctypes are valid/enabled before trying to request them 2009-10-05 19:17:11 -07:00
Love Hornquist Astrand
dc31556b7d use krb5_generate_subkey_extended 2009-10-04 11:12:43 -07:00
Love Hornquist Astrand
9211c47a30 Deprecate krb5_get_cred_from_kdc{,_opt} since they are replacement functions 2009-07-17 20:38:32 -07:00
Love Hornquist Astrand
80021f5e05 Make get_cred_kdc_any a private function. 2009-07-17 20:36:42 -07:00
Love Hornquist Astrand
de5110c05a (krb5_get_kdc_cred): make sure that out_creds points to NULL on failure 2009-07-16 23:54:54 -07:00
Love Hörnquist Åstrand
942a821fab remove RCSID 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-05-04 06:17:40 +00:00
Love Hörnquist Åstrand
6adab55480 rename S4U2SELF to FOR_USER 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@25046 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-04-03 04:04:54 +00:00
Love Hörnquist Åstrand
f1a7da6a55 Patch from Riverbed (Derrick Pallas) under the license of the files they are in: 
memory leak in krb5_get_creds_opt->ticket

	The function krb5_get_creds_opt_set_ticket copies a Ticket
	into a krb5_get_cred_opt structure. However,
	krb5_get_creds_opt_free does not clean up this Ticket, even
	thought he manual pages indicate that it should.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24945 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2009-03-25 15:37:42 +00:00
Love Hörnquist Åstrand
7f51de4922 check that length > 0, not that data is a pointer, cid#143 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24107 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 05:00:49 +00:00
Love Hörnquist Åstrand
60d35f97bc use asn1 decoder function directly 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@24060 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-12-11 04:50:58 +00:00
Love Hörnquist Åstrand
03babea1e3 switch to krb5_clear_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23911 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-10-14 02:55:39 +00:00
Love Hörnquist Åstrand
44c8e64262 split long lines 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23870 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-28 05:14:55 +00:00
Love Hörnquist Åstrand
11ffd80c63 Strip of ok-as-delegate for the tgt/service if the cross ticket didn't 
have one.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23846 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-20 11:16:33 +00:00
Love Hörnquist Åstrand
6937d41a02 remove trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 09:21:03 +00:00
Love Hörnquist Åstrand
e172367898 switch to utf8 encoding of all files 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-13 08:53:55 +00:00
Love Hörnquist Åstrand
e8a185dbf5 N_()ify 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23759 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-09-07 21:17:02 +00:00
Love Hörnquist Åstrand
d542833a1f use krb5_set_error_message 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23280 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-06-23 03:26:18 +00:00
Love Hörnquist Åstrand
e46ef6c72a Try both kdc server referral and the old client chasing mode. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22770 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:09:29 +00:00
Love Hörnquist Åstrand
2523a24965 Don't do canonicalize by default, make add_cred() sane, make loop 
detection in credential fetching better.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22768 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:09:21 +00:00
Love Hörnquist Åstrand
526b428c75 Make work for constrained delegation and impersonation. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22758 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:08:43 +00:00
Love Hörnquist Åstrand
e33ec47aaf Try moving referrals checking into _krb5_extract_ticket(). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22743 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:46 +00:00
Love Hörnquist Åstrand
1da2a3782e Add code to check PA_ServerReferralData. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22737 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:22 +00:00
Love Hörnquist Åstrand
d6845ca8a4 kill trailing whitespace 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22734 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:07:09 +00:00
Love Hörnquist Åstrand
a86c4ec9ab Insecure tgs referrals. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22723 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:26 +00:00
Love Hörnquist Åstrand
756ead1cd9 Find_cred to try krb5_cc_retrieve_cred first, remove comment. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22719 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:08 +00:00
Love Hörnquist Åstrand
92e7251a36 Refactor code to flatten the call-tree. 
Make the ticket request in the TGS-REQ inherit the address-ness of the
krbtgt if the address is not specified in the function call.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22717 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:06:00 +00:00
Love Hörnquist Åstrand
e5baf09800 Dont try key usage KRB5_KU_AP_REQ_AUTH for TGS-REQ. This drop 
compatibility with pre 0.3d KDCs.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22714 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:05:49 +00:00
Love Hörnquist Åstrand
829360b3f6 Catch KRB5_GC_CANONICALIZE. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22708 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-03-24 12:05:26 +00:00
Love Hörnquist Åstrand
fd82ee85e7 Remove support for [libdefaults]capath (not [libdefaults] capaths though). 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@22530 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2008-01-27 11:48:16 +00:00
Love Hörnquist Åstrand
b3ce2858da Make krb5_get_renewed_creds work, from Gunther Deschner. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@21668 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-07-22 11:28:05 +00:00