oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
29,310 Commits 2 Branches 2 Tags
5716b51c184b10600955f3a75dd1b396d06cdace
Commit Graph

405 Commits

Author SHA1 Message Date
Nicolas Williams
1826106ff4 When asking for the strongest key, get it right 2013-07-27 17:29:54 -05:00
Nicolas Williams
1f147f0fa6 Check all three DES types 2013-07-27 16:51:01 -05:00
Nicolas Williams
f4f89ac8e0 Fix bug with use strongest session key feature 2013-07-27 03:21:12 -05:00
Love Hornquist Astrand
bf69625424 spelling 2013-07-19 00:26:28 +02:00
Love Hornquist Astrand
a21f1f384a We always say we support FAST/enc-pa-rep 2013-07-19 00:24:43 +02:00
Love Hornquist Astrand
efe81b12ef allow the non preauth case again 2013-07-11 15:56:04 +02:00
Roland C. Dowdeswell
0da84c0c3a Add require-pwchange flag to HDB and honour it if present in mit-db:. 2012-02-27 10:19:54 +00:00
Roland C. Dowdeswell
e8779d5d4a Add -Wshadow and deal with the warnings. 2012-02-21 11:17:55 +00:00
Nicolas Williams
c757eb7fb0 Rename and fix as/tgs-use-strongest-key config parameters 
Different ticket session key enctype selection options should
    distinguish between target principal type (krbtgt vs. not), not
    between KDC request types.
 2011-11-25 17:21:04 -06:00
Nicolas Williams
c9609cdb37 Initial patch for dealing with AD x-realm key rollover 
AD issues x-realm TGTs with kvno 0.  On key x-realm trust key change
    we need to be able to try current and previous keys for trust, else
    we will have some failures.
 2011-11-15 21:53:33 -06:00
Nicolas Williams
3bebbe5323 Fixes to make Heimdal -Wall -Werror clean 
These fixes make developer mode build, at least on Ubuntu.
 2011-11-02 21:42:08 -05:00
Love Hörnquist Åstrand
1a1bd736c0 merge support for FAST in as-req codepath 2011-10-28 19:25:48 -07:00
Stefan Metzmacher
83a22ce18f kdc: pass down HDB_F_FOR_AS_REQ and HDB_F_FOR_TGS_REQ to the hdb layer 
metze

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-30 11:56:46 -07:00
Love Hörnquist Åstrand
61f69ea5b1 spelling 2011-07-24 22:36:27 -07:00
Love Hörnquist Åstrand
5a31cf1a52 spelling 2011-07-24 22:36:21 -07:00
Love Hörnquist Åstrand
46f285bcc9 encode fast state in the fast cookie 2011-07-24 21:16:42 -07:00
Love Hörnquist Åstrand
721c5634d5 make compile after rebase 2011-07-24 20:24:39 -07:00
Love Hörnquist Åstrand
6b942e6ec2 free fast cookie 2011-07-24 20:24:39 -07:00
Love Hornquist Astrand
b00f1ceeb9 should use hide_client_names 2011-07-24 20:24:39 -07:00
Love Hornquist Astrand
57b96a269e different logging 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
b6e56322f3 Check if message too large 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
035afb17db use et, ek from r-> 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
4d63c98125 Break out PAC generation 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
94157d4410 dont pass req buffer to _kdc_encode_reply 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
b8c168e565 check return length 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
9a21fddb70 use kdc_request_t for add_enc_pa_req 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
6319f31ecf break out KRB5_PADATA_REQ_ENC_PA_REP 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
1e048065c1 switch to _kdc_r_log 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
68bd6f63e8 move PKINIT to a preauth mech too 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
07342aa138 Add and use _kdc_set_e_text() 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
13eeb30a1d Create a request structure 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
0332787e0f Hide client name of privacy reasons 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
17d5f8d19e make AS work with FAST 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
6c31f5a95f free ac after its used 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
a2bcf8bbdd break out mk_error 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
04983dfd94 Preserve outer error 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
4561012998 fix up to update kdc_db_fetch 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
79703dc3cc memory management 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
8eb256ea00 send enc challange in KDC reply 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
7151d4e66c partial handling of ENC-CHALLANGE 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
7d1a059f9e comment why we add cookie 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
1fac725de4 send cookie on error and send right error message 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
deed0642d0 Handle ticket checksum 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
bcbcc67ab7 try handle finished message, ticket processing missing 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
35d4b23a22 start error codes finish message 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
c6a9bdb140 spelling 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
6a74bba8f9 move out generic fast packet building into fast.c 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
e372cc6b8a re-shuffle to make c90 compatible 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
1af9487bff got fetch armor key 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
a1feab396e more ticket bits 2011-07-24 20:24:35 -07:00