oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity
27,092 Commits 2 Branches 2 Tags
5b2d65fa2bc4cee683531c4d23c25349f8cc7b19
Commit Graph

4983 Commits

Author SHA1 Message Date
Love Hornquist Astrand
b6d5637b61 fill in more bits 2011-07-24 20:24:39 -07:00
Love Hornquist Astrand
7635eee8c4 simplify 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
04c7dd7cee start completion of KrbFastFinished 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
91df0a8120 add _krb5_fast_cf2 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
19e572db60 add krb5_process_last_request 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
b73d402a47 export process last request 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
01993e8d76 remove to strict usage 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
a01520cb50 validate KRB5_PADATA_REQ_ENC_PA_REP 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
adf772865c new use of _krb5_extract_ticket 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
aaf9594429 new use of _krb5_extract_ticket 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
f76cf44d82 add KRB5_ANON_REALM 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
d9b36b3155 add fast.c 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
7b398263da Partial FAST 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
0ca5e44955 shared key for _krb5_fast_armor_key 2011-07-24 20:24:38 -07:00
Love Hornquist Astrand
8e65528f84 disable none 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
2e8b550e7b punt if caller passed us a crypto object, we didn't find a keyed checksum type 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
7c55029060 Add fast armor bits 2011-07-24 20:24:37 -07:00
Love Hornquist Astrand
16d16588d2 move back init_as_req when building packet 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
7bc5fe72fb more keyusage 2011-07-24 20:24:36 -07:00
Love Hornquist Astrand
91fce795af add more key usage for fast 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
c148c2b432 unused key 2011-07-24 20:24:35 -07:00
Love Hornquist Astrand
580ba6aa72 KU bits for fast 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
1879af9e43 Break out fast state, shuffle around state so that as-req is inited earlier 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
04128ac081 Use reply_key from fast layer. 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
fd7c870550 add reply reply_key 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
a5e342f8ba Add fast_state. 2011-07-24 20:24:34 -07:00
Love Hörnquist Åstrand
8060a561db switch to KRB5_ENCTYPE 2011-07-24 16:02:22 -07:00
Love Hörnquist Åstrand
8fccb51d49 Merge pull request #12 from nicowilliams/krb5_admin_patches_2nd 
Krb5 admin patches 2nd

This has all the patches needed for krb5_admind to build and pass most tests, that includes:
- more kadm5 API compatibility (including very basic profile functionality)
- multi-kvno support (useful for key rollovers) (a test for this is included in tests/db/check-kdc)

Unfinished:
- password history (currently uses key history, needs to be separated and use digests)
- policies (only default policy allowed)
- mit kdb changes not tested yet


Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 15:41:36 -07:00
Love Hörnquist Åstrand
671e231d75 fix warning 2011-07-24 14:09:23 -07:00
Linus Nordberg
2e35198908 Add version-script.map to _DEPENDENCIES. 
Added to 11 out of 14 directories with map files.  Not lib/ntlm,
lib/hcrypto and kdc which have the map file as an explicit dependency
to _OBBJECTS.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 14:07:59 -07:00
Love Hörnquist Åstrand
f60ec15834 partly unify enctype/keytype since there is only enctypes 2011-07-24 14:03:08 -07:00
Andrew Bartlett
84bc108d8f lib/krb5: Allow any kvno to match when searching the keytab. 
Windows does not use a KVNO when it checks it's passwords, and MIT
doesn't check the KVNO when no acceptor identity is specified (looping
over all keys in the keytab).

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-24 10:37:40 -07:00
Love Hörnquist Åstrand
4bff0fbb31 check for NULL as argument to krb5_{prepend,set}_error_message functions 2011-07-23 12:06:01 -07:00
Love Hörnquist Åstrand
fb8c65a8c2 better logging 2011-07-23 11:44:42 -07:00
Love Hörnquist Åstrand
12403a31ce sprinkle more windows files 2011-07-23 11:18:21 -07:00
Nicolas Williams
6e04b05e9d Initial support for kadm5_randkey_principal_3(), needed by krb5_admin. 
NOT TESTED YET.
 2011-07-22 16:04:52 -05:00
Jeffrey Altman
c13deafcce Synchronize Windows export list with Unix 
Change-Id: Ic0ee3d1f4b49761fbd2676f4f9562f1bf906e382
 2011-07-21 11:50:45 -04:00
Love Hörnquist Åstrand
f79183821f sprinkle doxygen and kode more like the rest of the code base 2011-07-19 21:29:19 -07:00
Roland C. Dowdeswell
77c8ef2c06 krb5_free_default_realm() from mit_glue.c needs to be exported to be useful. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-19 21:25:47 -07:00
Roland C. Dowdeswell
3ef06de67b Fix a couple of bugs in krb5_c_valid_enctype(): 
1.  on errors, it appears to core dump, and

      2.  the sense of the return code is inverted from the
          MIT implementation.

Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-07-19 21:25:15 -07:00
Love Hörnquist Åstrand
7aaba443bc add NTMakefile and windows directories 2011-07-17 12:16:59 -07:00
Love Hörnquist Åstrand
9bff431435 sizeof is used incorrectly in DES3_random_to_key() 
from OpenBSD via Jonathan Gray <jsg@goblin.cx>
 2011-07-13 23:16:06 -07:00
Jeffrey Altman
49cead6a58 Merge pull request #11 from asankah/master 
Updates from Asanka to complete the Heimdal on Windows install package.  Plugins in Software/Heimdal; customizable 32-bit tools directory in multi-platform installer; Feature Tree view; and updated version number.
 2011-06-20 13:26:52 -07:00
Love Hörnquist Åstrand
5a25df7851 set HEIMDAL_LOCALEDIR for librfc3961.la too 2011-06-19 11:02:27 -07:00
Asanka C. Herath
3048545de3 Windows: Use Software/Heimdal registry key for Heimdal specific configuration 
The 'plugin_dir' value is Heimdal specific.  So keep it in the
Software/Heimdal registry key.  The Software/Kerberos registry key
will also be loaded and will contain generic Kerberos configuration.
 2011-06-15 01:55:19 -04:00
Love Hörnquist Åstrand
7dccddc6fb count number of enctypes too 2011-06-14 21:44:23 -07:00
Love Hörnquist Åstrand
0f489b7b28 unexport krb5_init_etype, remove duplicate code 2011-06-14 21:08:52 -07:00
Nicolas Williams
016193ac6a Added manpage documentation for krb5_{as, tgs}_enctypes. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00
Nicolas Williams
2fbad6432b Initial support for default_{as, tgs}_etypes. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00
Nicolas Williams
256cf6ea12 This patch adds support for a use-strongest-server-key krb5.conf kdc parameter that controls how the KDC (AS and TGS) selects a long-term key from a service principal's HDB entry. If TRUE the KDC picks the strongest supported key from the service principal's current keyset. If FALSE the KDC picks the first supported key from the service principal's current keyset. 
Signed-off-by: Love Hörnquist Åstrand <lha@h5l.org>
 2011-06-14 20:35:19 -07:00