oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
19,677 Commits 2 Branches 2 Tags
4f34cd5a5254dbcbf54b1cc77d1e22a01abea56f
Commit Graph

88 Commits

Author SHA1 Message Date
Love Hörnquist Åstrand
97e369f300 don't check size since that currently leaks memory 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20430 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-04-19 10:33:30 +00:00
Love Hörnquist Åstrand
f37c85ba61 pass extra flags for detached signatures. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-02-03 22:47:25 +00:00
Love Hörnquist Åstrand
80ada635f1 (_kdc_as_rep): check if krb5_generate_random_keyblock failes. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19686 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2007-01-04 12:54:09 +00:00
Love Hörnquist Åstrand
c7d5dd6b32 Less verbose error message. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19304 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-10 01:12:00 +00:00
Love Hörnquist Åstrand
8300ee6ee2 (_kdc_add_inital_verified_cas): new function, adds an empty (for now) 
AD_INITIAL_VERIFIED_CAS to tell the clients that we vouches for the CA.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19261 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 21:21:11 +00:00
Love Hörnquist Åstrand
85bcc19262 (_kdc_pk_rd_padata): leak less memory for ExternalPrincipalIdentifiers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19250 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 13:10:21 +00:00
Love Hörnquist Åstrand
24ce3844d0 update (c) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19248 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 12:31:09 +00:00
Love Hörnquist Åstrand
a36abf458c Remove unused function. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19247 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 12:25:47 +00:00
Love Hörnquist Åstrand
528e4e53e7 Parse and use PA-PK-AS-REQ.trustedCertifiers 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19244 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 12:21:02 +00:00
Love Hörnquist Åstrand
65d743807c Add comment that the anchors in the signed data really should be the 
trust anchors of the client.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19241 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-12-06 10:42:41 +00:00
Love Hörnquist Åstrand
5b304e5f20 Need better code in the DH parameter rejection case, add comment to 
that effect.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19165 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-28 03:41:55 +00:00
Love Hörnquist Åstrand
480aff7f9b (_kdc_pk_rd_padata): Pick up supportedCMSTypes and pass in into 
hx509_cms_create_signed_1 via hx509_peer_info blob.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19125 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-26 16:38:51 +00:00
Love Hörnquist Åstrand
ddfe47e5e1 Update hx509_cms_create_signed_1. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19120 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-26 15:50:48 +00:00
Love Hörnquist Åstrand
61623b636c Make app pkinit options prefixed with pkinit_ 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19068 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-17 22:20:25 +00:00
Love Hörnquist Åstrand
204ec47405 (_kdc_pk_check_client): drop client_princ as an argument 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18984 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-10 03:37:43 +00:00
Love Hörnquist Åstrand
9956ae0200 Catch error string from hx509_cms_verify_signed. 
Check for id-pKKdcEkuOID and warn if its not there.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18933 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-11-07 17:24:57 +00:00
Love Hörnquist Åstrand
896bc81f54 Default to always print subject dn for pk-init authorization. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18874 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-24 17:51:33 +00:00
Love Hörnquist Åstrand
69883abf62 Prefix der primitives with der_. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18460 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-14 10:16:45 +00:00
Love Hörnquist Åstrand
ca35d60f1e (pk_mk_pa_reply_enckey): add missing break. From Olga Kornievskaia. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18427 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-12 20:00:25 +00:00
Love Hörnquist Åstrand
760f9f5bee Sign the request in the encKey case. 
Bug reported by Olga Kornievskaia of Umich.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@18220 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-10-04 20:54:25 +00:00
Love Hörnquist Åstrand
615106f750 (_kdc_pk_check_client): make it not crash when there are no acl 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17831 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:37:58 +00:00
Love Hörnquist Åstrand
fea203a708 (_kdc_pk_check_client): use the acl in the kerberos database 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17830 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-07-13 18:32:45 +00:00
Love Hörnquist Åstrand
4c970b550e Avoid shadowing. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17579 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-13 21:22:55 +00:00
Love Hörnquist Åstrand
eeb100abe7 Don't call DH_check_pubkey, it doesn't exists in older OpenSSL. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17489 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-06 13:22:33 +00:00
Love Hörnquist Åstrand
044719a5bd (_kdc_pk_mk_pa_reply): send back ocsp response if it seems to be 
valid, simplfy the pkinit-windows DH case (it doesn't exists).


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17410 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-05-02 14:04:34 +00:00
Love Hörnquist Åstrand
36b923f56a (_kdc_pk_check_client): reorganize and make log when a SAN matches. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17348 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-29 14:30:01 +00:00
Love Hörnquist Åstrand
61be59e8c7 make compile 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17290 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:53:52 +00:00
Love Hörnquist Åstrand
459f0648f1 Add option [kdc]pki-allow-proxy-certificate=bool to allow using proxy certificate. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17287 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:42:48 +00:00
Love Hörnquist Åstrand
d7bc1efbc8 (_kdc_pk_check_client): Use hx509_cert_get_base_subject to get subject 
name of the certificate, needed for proxy certificates.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17285 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-26 18:36:22 +00:00
Love Hörnquist Åstrand
313fa917d5 Adapt to change in hx509_cms_create_signed_1. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17171 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-22 12:10:16 +00:00
Love Hörnquist Åstrand
1b73708904 (_kdc_pk_rd_padata): use hx509_cms_unwrap_ContentInfo. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17117 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 19:55:09 +00:00
Love Hörnquist Åstrand
2ad7b45365 Handle diffrences between libhcrypto and libcrypto. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17111 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-20 18:15:48 +00:00
Love Hörnquist Åstrand
6815452550 Added certificate revoke information from configuration file. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17054 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-04-12 13:21:46 +00:00
Love Hörnquist Åstrand
945efb8a96 Add pool of certificates to help certificate path building for clients 
sending incomplete path in the signedData.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16854 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-28 19:57:25 +00:00
Love Hörnquist Åstrand
cd6acf1200 Allow passing in related certificates used to build the chain. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16850 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-28 04:38:14 +00:00
Love Hörnquist Åstrand
56057ad91b (pk_mk_pa_reply_dh): encode the DH public key with asn1 wrapping 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16822 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-27 02:27:59 +00:00
Love Hörnquist Åstrand
b6350decc0 (_kdc_pk_check_client): More logging. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16821 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-27 02:15:12 +00:00
Love Hörnquist Åstrand
f024392e81 Switch to hx509. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16814 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-03-26 23:55:17 +00:00
Love Hörnquist Åstrand
5290184954 update to new paChecksum definition, use hdb_entry_ex 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16733 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2006-02-13 11:48:21 +00:00
Love Hörnquist Åstrand
3bfded2697 (get_dh_param): Pass down config so this function can check pkinit_dh_min_bits 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16210 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-21 17:14:19 +00:00
Love Hörnquist Åstrand
1ef128fbff Removing PK-INIT-19 support. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16141 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 11:00:05 +00:00
Love Hörnquist Åstrand
b1fffa7079 Save DH group name and print it on success. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16139 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 10:40:00 +00:00
Love Hörnquist Åstrand
776512783d Check dh group parameters from client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16137 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-10-07 08:57:51 +00:00
Love Hörnquist Åstrand
61b1ea80de The public DH key is encoded as an INTEGER in subjectPublicKey. 
Don't verify OID's for now.


git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16098 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-25 15:18:14 +00:00
Love Hörnquist Åstrand
f498bc66ae Implement correct DH for -27, now working with client. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16088 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-22 13:41:01 +00:00
Love Hörnquist Åstrand
28d0ef8d96 Move DH support from -19 to -27. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16086 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-21 00:40:32 +00:00
Love Hörnquist Åstrand
39b04f72d8 Support PK-INIT-27 DH (and remove -19) 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@16080 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-09-20 19:10:29 +00:00
Love Hörnquist Åstrand
aa0dc9b533 Switch over logging and comments to -27. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15923 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 09:21:40 +00:00
Love Hörnquist Åstrand
761074d9a4 (pk_mk_pa_reply_enckey): add missing break; 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15922 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 09:14:52 +00:00
Love Hörnquist Åstrand
9c7e1cc84a Make compile. 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@15920 ec53bebd-3082-4978-b11e-865c3cabbd6b
 2005-08-12 08:58:10 +00:00